CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,079 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 12 of 102
- CVE-2020-9688HIGHCVSS 7.8EG 7.82020-07-17
Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2020-9757CRITICALCVSS 9.8EG 9.82020-03-04
The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller.
- CVE-2021-0268HIGHCVSS 8.8EG 9.32021-04-22
An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') weakness in J-web of Juniper Networks Junos OS leads to buffer overflows, segment faults, or other impacts, which allows an attacker to modify the int…
- CVE-2021-0551MEDIUMCVSS 6.5EG 6.52021-06-22
In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a malicious media file due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. …
- CVE-2021-0553HIGHCVSS 7.3EG 7.32021-06-22
In onBindViewHolder of AppSwitchPreference.java, there is a possible bypass of device admin setttings due to unclear UI. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…
- CVE-2021-0567HIGHCVSS 7.8EG 7.82021-06-22
In isRestricted of RemoteViews.java, there is a possible way to inject font files due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed …
- CVE-2021-0594HIGHCVSS 8.0EG 8.02021-07-14
In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowi…
- CVE-2021-1221MEDIUMCVSS 4.1EG 4.12021-02-04
A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation email. The vulnerability is due to insuffi…
- CVE-2021-1359MEDIUMCVSS 6.3EG 6.32021-07-08
A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to…
- CVE-2021-1432HIGHCVSS 7.3EG 7.32021-03-24
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected d…
- CVE-2021-20101MEDIUMCVSS 6.1EG 6.12021-06-29
Machform prior to version 16 is vulnerable to HTTP host header injection due to improperly validated host headers. This could cause a victim to receive malformed content.
- CVE-2021-20509CRITICALCVSS 9.8EG 9.82021-08-12
IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 198243.
- CVE-2021-20543MEDIUMCVSS 5.4EG 5.42022-06-24
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of…
- CVE-2021-20574HIGHCVSS 8.8EG 8.82021-06-28
IBM Security Identity Manager Adapters 6.0 and 7.0 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and takeover other accounts. IB…
- CVE-2021-20644MEDIUMCVSS 6.1EG 6.12021-02-12
ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page.
- CVE-2021-20736CRITICALCVSS 9.1EG 9.12021-06-22
NoSQL injection vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to obtain and/or alter the information stored in the database via unspecified vectors.
- CVE-2021-20802MEDIUMCVSS 5.3EG 5.32021-10-13
HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product.
- CVE-2021-21137MEDIUMCVSS 6.5EG 6.52021-02-09
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
- CVE-2021-21141MEDIUMCVSS 6.5EG 6.52021-02-09
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page.
- CVE-2021-21242CRITICALCVSS 10.0EG 10.02021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untrusted data from the `Attachment-Support` …
- CVE-2021-21243CRITICALCVSS 10.0EG 10.02021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. These endpoints do not enforce any authentication or authorizati…
- CVE-2021-21244CRITICALCVSS 10.0EG 10.02021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server side template injection via Bean validation message tampering. Full details in the reference GHSA. This issue wa…
- CVE-2021-21247CRITICALCVSS 9.6EG 9.62021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener (`AbstractPostAjaxBehavior`) in all pages other than the login page. This listener decodes and deserialize…
- CVE-2021-21248CRITICALCVSS 9.6EG 9.62021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability involving the build endpoint parameters. InputSpec is used to define parameters of a Build spec. It does so by using dynamically gen…
- CVE-2021-21249CRITICALCVSS 9.6EG 9.62021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is an issue involving YAML parsing which can lead to post-auth remote code execution. In order to parse and process YAML files, OneDev uses SnakeYaml which by d…
- CVE-2021-21261HIGHCVSS 7.3EG 7.32021-01-14
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a…
- CVE-2021-21263HIGHCVSS 7.2EG 7.22021-01-19
Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is craf…
- CVE-2021-21277HIGHCVSS 8.5EG 8.52021-02-01
angular-expressions is "angular's nicest part extracted as a standalone module for the browser and node". In angular-expressions before version 1.1.2 there is a vulnerability which allows Remote Code Execution if you call "expressions.comp…
- CVE-2021-21278HIGHCVSS 8.6EG 8.62021-01-26
RSSHub is an open source, easy to use, and extensible RSS feed generator. In RSSHub before version 7f1c430 (non-semantic versioning) there is a risk of code injection. Some routes use `eval` or `Function constructor`, which may be injected…
- CVE-2021-21303MEDIUMCVSS 5.9EG 5.92021-02-05
Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a …
- CVE-2021-21305HIGHCVSS 7.4EG 7.42021-02-08
CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1, there is a code injection vulnerability. The "#manipulate!" method inapp…
- CVE-2021-21313MEDIUMCVSS 4.9EG 4.92021-03-03
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability in the /ajax/common.tabs.php endpoint, …
- CVE-2021-21316MEDIUMCVSS 6.3EG 6.32021-02-16
less-openui5 is an npm package which enables building OpenUI5 themes with Less.js. In less-openui5 before version 0.10., when processing theming resources (i.e. `*.less` files) with less-openui5 that originate from an untrusted source, tho…
- CVE-2021-21333MEDIUMCVSS 6.1EG 6.12021-03-26
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notification…
- CVE-2021-21353MEDIUMCVSS 6.8EG 6.82021-03-03
Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the `pretty` option of the pug compiler, e.g. if you spread a user provided object such as the query …
- CVE-2021-21372HIGHCVSS 8.3EG 8.32021-03-26
Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a mal…
- CVE-2021-21381HIGHCVSS 7.1EG 7.12021-03-11
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10.2 has a vulnerability in the "file forwarding" feature which can be used by an att…
- CVE-2021-21420HIGHCVSS 7.5EG 7.52021-04-01
vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited…
- CVE-2021-21479CRITICALCVSS 9.1EG 9.12021-02-09
In SCIMono before 0.0.19, it is possible for an attacker to inject and execute java expression compromising the availability and integrity of the system.
- CVE-2021-21510MEDIUMCVSS 6.1EG 6.12021-03-08
Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or …
- CVE-2021-21580MEDIUMCVSS 4.3EG 4.32021-08-03
Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phis…
- CVE-2021-21743MEDIUMCVSS 4.3EG 4.32021-10-20
ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request.
- CVE-2021-22035MEDIUMCVSS 4.3EG 4.32021-10-13
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed…
- CVE-2021-22055MEDIUMCVSS 5.3EG 5.32022-04-11
The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.
- CVE-2021-22191MEDIUMCVSS 6.3EG 8.82021-03-15
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.
- CVE-2021-22204MEDIUMCVSS 6.8EG 9.0⚠ KEV2021-04-23
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
- CVE-2021-22232LOWCVSS 3.5EG 3.52021-07-06
HTML injection was possible via the full name field before versions 13.11.6, 13.12.6, and 14.0.2 in GitLab CE
- CVE-2021-22331HIGHCVSS 7.5EG 7.52021-04-28
There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript inject…
- CVE-2021-22879HIGHCVSS 8.8EG 8.82021-04-14
Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation.
- CVE-2021-22910CRITICALCVSS 9.8EG 9.82021-08-09
A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE.
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →