Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-15 | CVE-2020-35775 | Injection vulnerability in Citsmart: CITSmart before 9.1.2.23 allows LDAP Injection. | 9.8 |
2021-02-12 | CVE-2021-20644 | Injection vulnerability in Elecom Wrc-1467Ghbk-A Firmware: ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page. | 6.1 |
2021-02-11 | CVE-2021-23335 | Injection vulnerability in Is-User-Valid Project Is-User-Valid: All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure. | 7.5 |
2021-02-09 | CVE-2021-21479 | Injection vulnerability in SAP Scimono: In SCIMono before 0.0.19, it is possible for an attacker to inject and execute Java expressions, compromising the availability and integrity of the system. | 9.1 |
2021-02-09 | CVE-2021-21141 | Injection vulnerability in multiple products: Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page. | 6.5 |
2021-02-09 | CVE-2021-21137 | Injection vulnerability in multiple products: Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. | 6.5 |
2021-02-05 | CVE-2021-21303 | Injection vulnerability in Helm: Helm is open-source software which is essentially "The Kubernetes Package Manager". | 6.8 |
2021-02-04 | CVE-2021-1221 | Injection vulnerability in Cisco Webex Meetings Server: A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation email. | 4.1 |
2021-01-30 | CVE-2020-15690 | Injection vulnerability in Nim-Lang NIM: In Nim before 1.2.6, the standard library asyncftpclient lacks a check for whether a message contains a newline character. | 9.8 |
2021-01-26 | CVE-2021-21278 | Injection vulnerability in Rsshub: RSSHub is an open source, easy to use, and extensible RSS feed generator. | 9.8 |