Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-12 | CVE-2013-7378 | Injection vulnerability in Hubot Scripts Project Hubot Scripts scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands. | 7.5 |
| 2020-02-11 | CVE-2020-5821 | Injection vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit. | 4.6 |
| 2020-02-10 | CVE-2014-5086 | Injection vulnerability in multiple products A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. | 6.5 |
| 2020-02-10 | CVE-2014-5085 | Injection vulnerability in Sphider-Plus 3.2 A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. | 6.5 |
| 2020-02-10 | CVE-2014-5084 | Injection vulnerability in Sphiderpro Sphider PRO 3.2 A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. | 6.5 |
| 2020-02-10 | CVE-2014-5083 | Injection vulnerability in Sphider A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. | 6.5 |
| 2020-02-07 | CVE-2010-4658 | Injection vulnerability in Status Statusnet 2010 statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks. | 5.0 |
| 2020-02-07 | CVE-2013-3628 | Injection vulnerability in Zabbix 2.0.9 Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability | 6.5 |
| 2020-02-04 | CVE-2019-15616 | Injection vulnerability in Nextcloud Server Dangling remote share attempts in Nextcloud 16 allow a DNS pollution when running long. | 4.0 |
| 2020-02-04 | CVE-2013-2678 | Injection vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter. | 6.8 |