Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-08 | CVE-2020-28468 | Injection vulnerability in Pwntools Project Pwntools This affects the package pwntools before 4.3.1. | 9.8 |
| 2020-12-30 | CVE-2020-10208 | Injection vulnerability in Amino products Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute arbitrary commands with root user privileges. | 9.9 |
| 2020-12-24 | CVE-2020-35669 | Injection vulnerability in Dart Http An issue was discovered in the http package through 0.12.2 for Dart. | 6.1 |
| 2020-12-22 | CVE-2020-35608 | Injection vulnerability in Microsoft Azure Sphere 20.07 A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. | 7.8 |
| 2020-12-18 | CVE-2020-27687 | Injection vulnerability in Thingsboard ThingsBoard before v3.2 is vulnerable to Host header injection in password-reset emails. | 8.8 |
| 2020-12-14 | CVE-2020-8177 | Injection vulnerability in multiple products curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. | 7.8 |
| 2020-12-10 | CVE-2020-25967 | Injection vulnerability in Fastadmin 1.0.0.20200506 The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability. | 8.8 |
| 2020-12-09 | CVE-2020-26260 | Injection vulnerability in Bookstackapp Bookstack BookStack is a platform for storing and organising information and documentation. | 6.4 |
| 2020-12-09 | CVE-2020-29655 | Injection vulnerability in Asus Rt-Ac88U Firmware 3.0.0.4.386.46061 An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. | 7.5 |
| 2020-11-30 | CVE-2020-14193 | Injection vulnerability in Atlassian Automation for Jira Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. | 5.4 |