Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-05 | CVE-2017-9861 | Injection vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 9.8 |
2017-07-25 | CVE-2017-6748 | Injection vulnerability in Cisco products A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. | 6.7 |
2017-07-18 | CVE-2017-5246 | Injection vulnerability in Biscom Secure File Transfer Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. | 4.3 |
2017-07-17 | CVE-2017-1000052 | Injection vulnerability in Plug Project Plug Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions. | 7.8 |
2017-06-26 | CVE-2017-7459 | Injection vulnerability in Ntop Ntopng ntopng before 3.0 allows HTTP Response Splitting. | 7.5 |
2017-05-21 | CVE-2017-9135 | Injection vulnerability in Mimosa Backhaul Radios and Client Radios An issue was discovered on Mimosa Client Radios before 2.2.4 and Mimosa Backhaul Radios before 2.2.4. | 8.8 |
2017-05-21 | CVE-2017-9133 | Injection vulnerability in Mimosa Backhaul Radios and Client Radios An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. | 8.8 |
2017-05-06 | CVE-2017-6031 | Injection vulnerability in Certec EDV Gmbh Atvise Scada 2.5.10 A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. | 8.8 |
2017-05-03 | CVE-2017-8458 | Injection vulnerability in Brave 0.12.4 Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://[email protected]/ is displayed without a clear UI indication that it is not a resource on the safe.example.com web site. | 6.5 |
2017-04-28 | CVE-2017-2140 | Injection vulnerability in Gaku Tablacus Explorer 17.3.30 Tablacus Explorer 17.3.30 and earlier allows arbitrary scripts to be executed in the context of the application due to specially crafted directory. | 8.8 |