Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-14 | CVE-2022-38796 | Injection vulnerability in Feehi CMS 2.1.1 A Host Header Injection vulnerability in Feehi CMS 2.1.1 may allow an attacker to spoof a particular header. | 6.1 |
| 2022-09-09 | CVE-2022-34165 | Injection vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. | 5.4 |
| 2022-09-07 | CVE-2022-37108 | Injection vulnerability in Securonix Snypr 6.4 An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab files. | 7.2 |
| 2022-08-25 | CVE-2022-37240 | Injection vulnerability in Altn Security Gateway for Email Servers 8.5.2 MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter. | 9.8 |
| 2022-08-25 | CVE-2022-37242 | Injection vulnerability in Altn Security Gateway for Email Servers 8.5.2 MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter. | 9.8 |
| 2022-08-22 | CVE-2022-34773 | Injection vulnerability in Tabit Tabit - HTTP Method manipulation. | 9.8 |
| 2022-08-18 | CVE-2022-32453 | Injection vulnerability in Cybozu Office HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the product via unspecified vectors. | 6.5 |
| 2022-08-15 | CVE-2022-38357 | Injection vulnerability in Eyeofnetwork Eyes of Network web 5.3 Improper neutralization of special elements leaves the Eyes of Network Web application vulnerable to an iFrame injection attack, via the url parameter of /module/module_frame/index.php. | 8.8 |
| 2022-08-15 | CVE-2022-35954 | Injection vulnerability in Github Toolkit The GitHub Actions ToolKit provides a set of packages to make creating actions easier. | 5.0 |
| 2022-08-05 | CVE-2022-31658 | Injection vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. | 7.2 |