Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2020-28246 | Injection vulnerability in Form Form.Io 2.0.0 A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. | 9.8 |
| 2022-05-11 | CVE-2022-22975 | Injection vulnerability in VMWare Pinniped An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. | 6.6 |
| 2022-05-05 | CVE-2022-29166 | Injection vulnerability in Matrix IRC Bridge matrix-appservice-irc is a Node.js IRC bridge for Matrix. | 8.8 |
| 2022-04-15 | CVE-2022-28345 | Injection vulnerability in Signal The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. | 7.5 |
| 2022-04-11 | CVE-2022-24838 | Injection vulnerability in Nextcloud Calendar Nextcloud Calendar is a calendar application for the nextcloud framework. | 9.8 |
| 2022-04-11 | CVE-2021-22055 | Injection vulnerability in VMWare Photon OS The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. | 5.3 |
| 2022-04-09 | CVE-2022-1287 | Injection vulnerability in School Club Application System Project School Club Application System 1.0 A vulnerability classified as critical was found in School Club Application System 1.0. | 9.8 |
| 2022-03-29 | CVE-2022-25420 | Injection vulnerability in Nttr GOO Blog 1.0 NTT Resonant Incorporated goo blog App Web Application 1.0 is vulnerable to CLRF injection. | 9.8 |
| 2022-03-27 | CVE-2022-26205 | Injection vulnerability in Marky Project Marky Marky commit 3686565726c65756e was discovered to contain a remote code execution (RCE) vulnerability via the Display text fields. | 9.8 |
| 2022-03-14 | CVE-2022-22344 | Injection vulnerability in IBM Spectrum Copy Data Management IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.1 |