2418 matches found
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in github.com/argoproj/argo-workflows...
CVE-2021-22125
An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file...
The vulnerability of the Dovecot mail server arises from incorrect neutralization of special elements in the output data used by the incoming component, allowing attackers to expose user credentials.
The vulnerability of the Dovecot mail server is related to incorrect neutralization of special elements in the output data used by the incoming component. Exploiting this vulnerability can allow a remote attacker to expose user credentials...
VulnCheck KEV: CVE-2021-20028
SonicWall Secure Remote Access SRA products contain an improper neutralization of a SQL Command leading to SQL injection...
CVE-2021-30187
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command...
DEBIAN-CVE-2020-28015
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...
Design/Logic Flaw
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...
CVE-2020-28015
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...
CVE-2020-28015
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Ubuntu 16.04 ESM : Exim vulnerabilities (USN-4934-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4934-2 advisory. USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026...
CVE-2021-0268
CVE-2021-0268 concerns Juniper Networks Junos OS J-Web, due to an Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Response Splitting). The weakness can cause buffer overflows or segment faults and, per sources, may enable cross-site scripting (XSS) and cookie manipulation, with th...
Improper neutralization of arguments in freediskspace
This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js...
GHSA-4GFQ-6M28-M5MG Improper neutralization of arguments in freediskspace
This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js...
The vulnerability of the DhcpClient method in the Bluetooth Blueman manager arises from incorrect neutralization of special elements in the output data. This allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the DhcpClient method in the Bluetooth Blueman manager is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...
CVE-2021-20681
CVE-2021-20681 affects baserCMS prior to 4.4.5. The issue is improper neutralization of JavaScript input in the page editing feature, allowing remote authenticated attackers to inject arbitrary scripts via unspecified vectors. Impact is described as potential script execution in the user’s browse...
JVN#64869876: Multiple vulnerabilities in baserCMS
baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Improper Neutralization of JavaScript input in the page editing function CWE-79 - CVE-2021-20681 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4...
CVE-2021-22122
An improper neutralization of input during web page generation in FortiWeb GUI interface 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to perform a reflected cross site scripting attack XSS by injecting malicious payload in different vulnerable API...
CVE-2020-7775
This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js...
CVE-2020-7775 Command Injection
This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js...
Revive Adserver 5.1.0 Cross Site Scripting
======================================================================== Revive Adserver Security Advisory REVIVE-SA-2021-002 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2021-002...