Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-21 | CVE-2013-7487 | Injection vulnerability in Swann products On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000. | 6.8 |
2020-03-20 | CVE-2019-18860 | Injection vulnerability in multiple products Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi. | 6.1 |
2020-03-19 | CVE-2019-12416 | Injection vulnerability in Apache Deltaspike we got reports for 2 injection attacks against the DeltaSpike windowhandler.js. | 6.1 |
2020-03-18 | CVE-2020-8468 | Injection vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. | 6.5 |
2020-03-16 | CVE-2019-11073 | Injection vulnerability in Paessler Prtg Network Monitor A Remote Code Execution vulnerability exists in PRTG Network Monitor before 19.4.54.1506 that allows attackers to execute code due to insufficient sanitization when passing arguments to the HttpTransactionSensor.exe binary. | 9.0 |
2020-03-15 | CVE-2020-7607 | Injection vulnerability in Gulp-Styledocco Project Gulp-Styledocco 0.0.1/0.0.2/0.0.3 gulp-styledocco through 0.0.3 allows execution of arbitrary commands. | 7.5 |
2020-03-15 | CVE-2020-7606 | Injection vulnerability in Docker-Compose-Remote-Api Project Docker-Compose-Remote-Api docker-compose-remote-api through 0.1.4 allows execution of arbitrary commands. | 7.5 |
2020-03-15 | CVE-2020-7605 | Injection vulnerability in Gulp-Tape Project Gulp-Tape gulp-tape through 1.0.0 allows execution of arbitrary commands. | 7.5 |
2020-03-15 | CVE-2020-7604 | Injection vulnerability in Pulverizr Project Pulverizr 0.5.0/0.5.1/0.7.0 pulverizr through 0.7.0 allows execution of arbitrary commands. | 7.5 |
2020-03-15 | CVE-2020-7603 | Injection vulnerability in Closure-Compiler-Stream Project Closure-Compiler-Stream closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. | 7.5 |