CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,081 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 13 of 102
- CVE-2021-23335HIGHCVSS 7.5EG 7.52021-02-11
All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure.
- CVE-2021-23400MEDIUMCVSS 6.3EG 6.32021-06-29
The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object.
- CVE-2021-24002HIGHCVSS 8.8EG 8.82021-06-24
When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR < 7…
- CVE-2021-24144HIGHCVSS 7.8EG 7.82021-03-18
Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone to a vulnerability that lets remote attackers inject arbitrary formulas into CSV files.
- CVE-2021-24948HIGHCVSS 7.5EG 7.52022-01-10
The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as priva…
- CVE-2021-25682HIGHCVSS 8.8EG 7.82021-06-11
It was discovered that the get_pid_info() function in data/apport did not properly parse the /proc/pid/status file from the kernel.
- CVE-2021-25980HIGHCVSS 8.8EG 8.82021-11-11
In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection.…
- CVE-2021-25994HIGHCVSS 8.8EG 8.82022-01-03
In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. By luring a victim application user to click on a link, an unauthenticated attacker can use the “forgot password” functionality to reset the victim’s…
- CVE-2021-26068HIGHCVSS 8.8EG 8.82021-02-22
An endpoint in Atlassian Jira Server for Slack plugin from version 0.0.3 before version 2.0.15 allows remote attackers to execute arbitrary code via a template injection vulnerability.
- CVE-2021-26069MEDIUMCVSS 5.3EG 5.32021-03-22
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAn…
- CVE-2021-26084CRITICALCVSS 9.8EG 9.8⚠ KEV2021-08-30
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions …
- CVE-2021-27132CRITICALCVSS 9.8EG 9.82021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
- CVE-2021-27182HIGHCVSS 8.8EG 8.82021-04-14
An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an attacker to perform any action with the privileges of the att…
- CVE-2021-27493MEDIUMCVSS 6.1EG 6.52022-04-01
Philips Vue PACS versions 12.2.x.x and prior does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstre…
- CVE-2021-27611MEDIUMCVSS 6.7EG 6.72021-05-11
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. The attacker could then get access to da…
- CVE-2021-27614HIGHCVSS 7.1EG 7.12021-05-11
SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the …
- CVE-2021-27730CRITICALCVSS 9.8EG 9.82021-03-02
Accellion FTA 9_12_432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA_9_12_444 and later.
- CVE-2021-27908MEDIUMCVSS 5.8EG 5.82021-03-23
In all versions prior to Mautic 3.3.2, secret parameters such as database credentials could be exposed publicly by an authorized admin user through leveraging Symfony parameter syntax in any of the free text fields in Mautic’s configurat…
- CVE-2021-27971HIGHCVSS 7.8EG 7.82022-01-31
Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection.
- CVE-2021-28829MEDIUMCVSS 6.5EG 6.52021-04-20
The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrato…
- CVE-2021-28963MEDIUMCVSS 5.3EG 5.32021-03-22
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.
- CVE-2021-28979MEDIUMCVSS 6.5EG 6.52021-06-16
SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is cl…
- CVE-2021-29084HIGHCVSS 7.5EG 7.52021-06-23
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attac…
- CVE-2021-29085HIGHCVSS 8.6EG 7.52021-06-23
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to rea…
- CVE-2021-29156HIGHCVSS 7.5EG 9.02021-03-25
ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol. For example, an unauthenticated attacker can perform character-by-character retrieval of password hashes, or retrieve a session token or a private key.
- CVE-2021-29208MEDIUMCVSS 4.8EG 4.82021-05-25
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE Si…
- CVE-2021-29209MEDIUMCVSS 4.8EG 4.82021-05-25
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE Si…
- CVE-2021-29210MEDIUMCVSS 4.8EG 4.82021-05-25
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE Si…
- CVE-2021-29414MEDIUMCVSS 6.1EG 6.12021-05-21
STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.
- CVE-2021-29416MEDIUMCVSS 6.5EG 6.52021-03-29
An issue was discovered in PortSwigger Burp Suite before 2021.2. During viewing of a malicious request, it can be manipulated into issuing a request that does not respect its upstream proxy configuration. This could leak NetNTLM hashes on …
- CVE-2021-29454HIGHCVSS 8.1EG 8.12022-01-10
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code by crafting a malicious math string. If a…
- CVE-2021-29501HIGHCVSS 8.1EG 8.12021-05-10
Ticketer is a command based ticket system cog (plugin) for the red discord bot. A vulnerability allowing discord users to expose sensitive information has been found in the Ticketer cog. Please upgrade to version 1.0.1 as soon as possible.…
- CVE-2021-29502HIGHCVSS 7.3EG 7.32021-05-10
WarnSystem is a cog (plugin) for the Red discord bot. A vulnerability has been found in the code that allows any user to access sensible informations by setting up a specific template which is not properly sanitized. The problem has been p…
- CVE-2021-29676MEDIUMCVSS 5.4EG 5.42021-06-25
IBM Security Verify (IBM Security Verify Privilege Vault 10.9.66) is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote attacker could exploit this vulnerability to conduct various attac…
- CVE-2021-29702HIGHCVSS 7.5EG 7.52021-06-16
Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658.
- CVE-2021-29795MEDIUMCVSS 6.0EG 6.02021-09-21
IBM PowerVM Hypervisor FW860, FW930, FW940, and FW950 could allow a local user to create a specially crafted sequence of hypervisor calls from a partition that could crash the system. IBM X-Force ID: 203557.
- CVE-2021-29955MEDIUMCVSS 5.3EG 5.32021-06-24
A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store …
- CVE-2021-30057MEDIUMCVSS 4.8EG 4.82021-04-05
A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.
- CVE-2021-30214MEDIUMCVSS 5.4EG 5.42021-05-12
Knowage Suite 7.3 is vulnerable to Stored Client-Side Template Injection in '/knowage/restful-services/signup/update' via the 'name' parameter.
- CVE-2021-3027MEDIUMCVSS 6.5EG 6.52021-03-26
app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided search filter because user input gets no sanitization.
- CVE-2021-30506HIGHCVSS 8.8EG 8.82021-06-04
Incorrect security UI in Web App Installs in Google Chrome on Android prior to 90.0.4430.212 allowed an attacker who convinced a user to install a web application to inject scripts or HTML into a privileged page via a crafted HTML page.
- CVE-2021-30540MEDIUMCVSS 6.5EG 6.52021-06-07
Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
- CVE-2021-30653HIGHCVSS 7.8EG 7.82021-09-08
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing a maliciously crafted image may lead to arbitrary code execution.
- CVE-2021-30777HIGHCVSS 7.8EG 7.82021-09-08
An injection issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges.
- CVE-2021-31164HIGHCVSS 7.5EG 7.52021-05-04
Apache Unomi prior to version 1.5.5 allows CRLF log injection because of the lack of escaping in the log statements.
- CVE-2021-31249MEDIUMCVSS 6.5EG 9.02021-06-04
A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter redirect= available on multiple CGI components.
- CVE-2021-31402HIGHCVSS 7.5EG 7.52021-04-15
The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669.
- CVE-2021-3154HIGHCVSS 7.5EG 7.52021-05-04
An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481.
- CVE-2021-3169CRITICALCVSS 9.8EG 9.82021-07-23
An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.
- CVE-2021-3197CRITICALCVSS 9.8EG 9.82021-02-27
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →