Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-26 | CVE-2017-7459 | Injection vulnerability in Ntop Ntopng ntopng before 3.0 allows HTTP Response Splitting. | 7.5 |
| 2017-05-21 | CVE-2017-9135 | Injection vulnerability in Mimosa Backhaul Radios and Client Radios An issue was discovered on Mimosa Client Radios before 2.2.4 and Mimosa Backhaul Radios before 2.2.4. | 8.8 |
| 2017-05-21 | CVE-2017-9133 | Injection vulnerability in Mimosa Backhaul Radios and Client Radios An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. | 8.8 |
| 2017-05-06 | CVE-2017-6031 | Injection vulnerability in Certec EDV Gmbh Atvise Scada 2.5.10 A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. | 8.8 |
| 2017-05-03 | CVE-2017-8458 | Injection vulnerability in Brave 0.12.4 Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://[email protected]/ is displayed without a clear UI indication that it is not a resource on the safe.example.com web site. | 6.5 |
| 2017-04-28 | CVE-2017-2140 | Injection vulnerability in Gaku Tablacus Explorer 17.3.30 Tablacus Explorer 17.3.30 and earlier allows arbitrary scripts to be executed in the context of the application due to specially crafted directory. | 8.8 |
| 2017-04-24 | CVE-2017-3547 | Injection vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55 Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). | 7.4 |
| 2017-04-13 | CVE-2016-8720 | Injection vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 4.3 |
| 2017-04-13 | CVE-2016-1155 | Injection vulnerability in Google Android HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. | 9.8 |
| 2017-04-12 | CVE-2017-7703 | Injection vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. | 7.5 |