Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-08 | CVE-2021-30777 | Injection vulnerability in Apple mac OS X and Macos An injection issue was addressed with improved validation. | 7.8 |
| 2021-09-07 | CVE-2021-40143 | Injection vulnerability in Sonatype Nexus Repository Manager 3 Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. | 8.2 |
| 2021-08-18 | CVE-2020-18875 | Injection vulnerability in Dotcms Incorrect Access Control in DotCMS versions before 5.1 allows remote attackers to gain privileges by injecting client configurations via vtl (velocity) files. | 8.8 |
| 2021-08-12 | CVE-2021-20509 | Injection vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. | 9.8 |
| 2021-08-10 | CVE-2021-38371 | Injection vulnerability in Exim The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending. | 7.5 |
| 2021-08-09 | CVE-2020-23148 | Injection vulnerability in Rconfig 3.9.5 The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a LDAP injection and obtain sensitive information via a crafted POST request. | 7.5 |
| 2021-08-09 | CVE-2021-38290 | Injection vulnerability in Thedaylightstudio Fuel CMS A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config/fuel_constants.php and fuel/modules/fuel/libraries/Asset.php. | 8.1 |
| 2021-08-04 | CVE-2020-24821 | Injection vulnerability in Libelfin Project Libelfin 0.3 A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. | 5.5 |
| 2021-08-04 | CVE-2020-24822 | Injection vulnerability in Libelfin Project Libelfin 0.3 A vulnerability in the dwarf::cursor::uleb function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. | 5.5 |
| 2021-08-04 | CVE-2020-24823 | Injection vulnerability in Libelfin Project Libelfin 0.3 A vulnerability in the dwarf::to_string function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. | 5.5 |