Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2023-31025 | Injection vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. | 7.5 |
| 2024-01-08 | CVE-2024-21645 | Injection vulnerability in Pyload pyLoad is the free and open-source Download Manager written in pure Python. | 5.3 |
| 2024-01-08 | CVE-2023-29050 | Injection vulnerability in Open-Xchange OX APP Suite 7.10.5/7.10.6/8.16 The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter strings that allow to access content outside of the intended hierarchy. | 9.6 |
| 2024-01-03 | CVE-2023-6004 | Injection vulnerability in multiple products A flaw was found in libssh. | 4.8 |
| 2024-01-03 | CVE-2023-50093 | Injection vulnerability in Apiida API Gateway Manager 2023.02.02 APIIDA API Gateway Manager for Broadcom Layer7 v2023.2.2 is vulnerable to Host Header Injection. | 6.1 |
| 2024-01-03 | CVE-2023-39655 | Injection vulnerability in Perfood Couchauth A host header injection vulnerability exists in the NPM package @perfood/couch-auth versions <= 0.20.0. | 9.6 |
| 2024-01-02 | CVE-2024-21623 | Injection vulnerability in Mehah Otclient OTCLient is an alternative tibia client for otserv. | 9.8 |
| 2023-12-28 | CVE-2023-52081 | Injection vulnerability in Ewen-Lbh Firefox CSS 0.1.0/0.1.1/0.1.2 ffcss is a CLI interface to apply and configure Firefox CSS themes. | 5.3 |
| 2023-12-25 | CVE-2023-49328 | Injection vulnerability in Wolterskluwer B.Point 23.70.00 On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module. | 7.2 |
| 2023-12-20 | CVE-2023-35895 | Injection vulnerability in IBM Informix Jdbc 4.10/4.50 IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. | 9.8 |