Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
inject vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-14055
ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf....
Znc Znc
Debian Debian Linux 9.0
9
CVSSv2
CVE-2019-12629
A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for...
Cisco Sd-wan Firmware
6.5
CVSSv2
CVE-2018-12561
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. A regular user can inject additional mount options such as file_mode= by manipulating (for example) the domain parameter of the samba URL....
Cantata Project Cantata
5
CVSSv2
CVE-2017-7848
RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2....
Mozilla Thunderbird
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Article available
7.5
CVSSv2
CVE-2018-1132
A flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers can SQL inject the component's database (SQLite) without authenticating to the controller or SDNInterfaceapp. SDNInterface has been deprecated in OpenDayLight since it was last used in the final...
Opendaylight Sdninterfaceapp
4.3
CVSSv2
CVE-2020-3117
A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability...
Cisco Content Security Management Appliance
Cisco Web Security Appliance 11.8.0-382
Cisco Web Security Appliance 12.0.1-268
6.5
CVSSv2
CVE-2018-0344
A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due...
Cisco Vbond Orchestrator -
Cisco Vedge-plus -
Cisco Vedge-pro -
Cisco Vmanage Network Management -
Cisco Vsmart Controller -
Cisco Vedge-100 Firmware
Cisco Vedge 100b Firmware
Cisco Vedge 100m Firmware
Cisco Vedge 100wm Firmware
Cisco Vedge-1000 Firmware
Cisco Vedge-2000 Firmware
Cisco Vedge-5000 Firmware
4.3
CVSSv2
CVE-2014-6439
Cross-site scripting (XSS) vulnerability in the CORS functionality in Elasticsearch before 1.4.0.Beta1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....
Elasticsearch Elasticsearch
4.3
CVSSv2
CVE-2015-5654
Cross-site scripting (XSS) vulnerability in Dojo Toolkit before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....
Dojotoolkit Dojo
4.3
CVSSv2
CVE-2016-3113
Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote attackers to inject arbitrary web script or HTML....
Redhat Ovirt-engine -
1 Github repository available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-29997
CVE-2021-29943
cross-site request forgery
malicious code
CVE-2021-26411
CVE-2021-29627
ibm
CVE-2021-23281
collaborative lifecycle management
CVE-2021-25253
SSTI
Get Started
1
2
3
4
5
NEXT »