Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

injection vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2020-26419
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file....
Wireshark Wireshark 3.4.0Fedoraproject Fedora 32Fedoraproject Fedora 33
10
CVSSv2
CVE-2020-24916
CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection....
Yaws Yaws
9
CVSSv2
CVE-2018-0427
A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied data. An attacker could...
Cisco Application Policy Infrastructure Controller Enterprise Module Dnac1.1
5
CVSSv2
CVE-2017-10919
Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223....
Xen Xen
5
CVSSv2
CVE-2019-0188
Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed....
Apache Camel
4.3
CVSSv2
CVE-2019-1680
A vulnerability in Cisco Webex Business Suite could allow an unauthenticated, remote attacker to inject arbitrary text into a user's browser. The vulnerability is due to improper validation of input. An attacker could exploit this vulnerability by convincing a targeted user...
Cisco Webex Business SuiteCisco Webex Meetings Online
7.5
CVSSv2
CVE-2013-4386
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter....
Redhat Openstack 3.0Theforeman Foreman 1.2.0Theforeman Foreman 1.2.1Theforeman Foreman
4
CVSSv2
CVE-2021-1282
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that...
Cisco Unified Communications ManagerCisco Unified Communications Manager Im And Presence Service
4
CVSSv2
CVE-2021-1355
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that...
Cisco Unified Communications ManagerCisco Unified Communications Manager Im And Presence Service
4
CVSSv2
CVE-2021-1357
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that...
Cisco Unified Communications ManagerCisco Unified Communications Manager Im And Presence Service
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
byte structXSSCVE-2021-27065byte struct projectquinnNULL pointer dereferenceCVE-2021-25336CVE-2021-27907CVE-2021-26858CVE-2021-25339local usersinternmentCVE-2021-28032