CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,082 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 20 of 102
- CVE-2023-26493HIGHCVSS 8.1EG 8.12023-03-27
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the `web-interface-check.yml` was subject to command injection. The `web-interface-check.yml` wa…
- CVE-2023-26919HIGHCVSS 7.2EG 7.22023-04-10
delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escape. When allowExitFunctions is set to false, the loadWithNewGlobal function can be used to invoke the exit and quit methods to exit the Java process.
- CVE-2023-27040CRITICALCVSS 9.8EG 9.82023-03-16
Simple Image Gallery v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the username parameter.
- CVE-2023-27479CRITICALCVSS 9.9EG 9.92023-03-07
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access t…
- CVE-2023-27533HIGHCVSS 8.8EG 8.82023-03-30
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input …
- CVE-2023-2760HIGHCVSS 7.6EG 7.62023-07-17
An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL c…
- CVE-2023-27635HIGHCVSS 7.8EG 7.82023-03-05
debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands (because of an eval call) via a crafted .deb file. (The path is shown to the user before execution.)
- CVE-2023-2797LOWCVSS 3.1EG 3.12023-06-16
Mattermost fails to sanitize code permalinks, allowing an attacker to preview code from private repositories by posting a specially crafted permalink on a channel.
- CVE-2023-28016LOWCVSS 3.1EG 3.12023-06-22
Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain.
- CVE-2023-28598HIGHCVSS 7.5EG 7.52023-06-13
Zoom for Linux clients prior to 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could result in a Zoom application crash.
- CVE-2023-28599MEDIUMCVSS 4.3EG 4.32023-06-13
Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation.
- CVE-2023-28637HIGHCVSS 8.0EG 8.02023-03-28
DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provide data sanitization…
- CVE-2023-28853HIGHCVSS 7.7EG 7.72023-04-04
Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. Starting in version 2.5.0 and prior to versions 3.5.8, 4.0.4, and 4.1.2, the LDAP query made during login …
- CVE-2023-29007HIGHCVSS 7.0EG 7.02023-04-25
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters…
- CVE-2023-29050HIGHCVSS 7.6EG 7.62024-01-08
The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter strings that allow to access content outside of the intended hierarchy. Unauthorized users could break confidentiality of information in the di…
- CVE-2023-29213CRITICALCVSS 9.0EG 9.02023-04-17
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of `org.xwiki.platform:xwiki-platform-logging-ui` it is possible to trick a user with programming rights into vis…
- CVE-2023-29374CRITICALCVSS 9.8EG 9.82023-04-05
In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method.
- CVE-2023-29383LOWCVSS 3.3EG 3.32023-04-14
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list)…
- CVE-2023-29389MEDIUMCVSS 6.8EG 6.82023-04-05
Toyota RAV4 2021 vehicles automatically trust messages from other ECUs on a CAN bus, which allows physically proximate attackers to drive a vehicle by accessing the control CAN bus after pulling the bumper away and reaching the headlight c…
- CVE-2023-29400HIGHCVSS 7.3EG 7.32023-05-11
Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attribut…
- CVE-2023-29405CRITICALCVSS 9.8EG 9.82023-06-08
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, sp…
- CVE-2023-29510CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In XWiki, every user can add translations that are only applied to the current user. This also allows overriding existing translations…
- CVE-2023-29512CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights on a page (e.g., it's own user page), can execute arbitrary Groovy, Python or Velocity code in XWiki leading…
- CVE-2023-29514CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights on any document (e.g., their own user profile) can execute code with programming rights, leading to remote c…
- CVE-2023-29516CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on `XWiki.AttachmentSelector` can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full…
- CVE-2023-29518CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installat…
- CVE-2023-29519CRITICALCVSS 9.0EG 9.02023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the "property" fie…
- CVE-2023-29521HIGHCVSS 8.4EG 8.42023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installat…
- CVE-2023-29522CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary script macros including Groovy and Python macros that allow remote code execution incl…
- CVE-2023-29523CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can edit their own user profile can execute arbitrary script macros including Groovy and Python macros that allow remote …
- CVE-2023-29524CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute anything with the right of the Scheduler Application sheet page. A user without script or programming rights,…
- CVE-2023-29525CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Affected versions of xwiki are subject to code injection in the `since` parameter of the `/xwiki/bin/view/XWiki/Notifications/Code/Leg…
- CVE-2023-29526CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to display or interact with any page a user cannot access through the combination of the async and …
- CVE-2023-29527CRITICALCVSS 9.9EG 9.92023-04-19
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions a user without script or programming right may edit a user profile (or any other document) with the wiki editor a…
- CVE-2023-2980MEDIUMCVSS 6.3EG 6.32023-05-30
A vulnerability classified as critical was found in Abstrium Pydio Cells 4.2.0. This vulnerability affects unknown code of the component User Creation Handler. The manipulation leads to improper control of resource identifiers. The attack …
- CVE-2023-29827CRITICALCVSS 9.8EG 9.82023-05-04
ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor bec…
- CVE-2023-30547CRITICALCVSS 9.8EG 9.82023-04-17
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. There exists a vulnerability in exception sanitization of vm2 for versions up to 3.9.16, allowing attackers to raise an unsanitized host exception insid…
- CVE-2023-30575MEDIUMCVSS 6.5EG 6.52023-06-07
Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements sent during the Guacamole protocol handshake, potentially allowing an attacker to inject Guacamole instructions during the handshake through spe…
- CVE-2023-30609MEDIUMCVSS 5.4EG 5.42023-04-25
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs…
- CVE-2023-31025MEDIUMCVSS 6.5EG 6.52024-01-12
NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. A successful exploit of this vulnerability may lead to information disclosure.
- CVE-2023-31209HIGHCVSS 8.8EG 8.82023-08-10
Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users.
- CVE-2023-32313MEDIUMCVSS 5.3EG 5.32023-05-15
vm2 is a sandbox that can run untrusted code with Node's built-in modules. In versions 3.9.17 and lower of vm2 it was possible to get a read-write reference to the node `inspect` method and edit options for `console.log`. As a result a thr…
- CVE-2023-32314CRITICALCVSS 9.8EG 9.82023-05-15
vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification o…
- CVE-2023-32679HIGHCVSS 7.2EG 7.22023-05-19
Craft CMS is an open source content management system. In affected versions of Craft CMS an unrestricted file extension may lead to Remote Code Execution. If the name parameter value is not empty string('') in the View.php's doesTemplateEx…
- CVE-2023-32786HIGHCVSS 7.5EG 7.52023-10-20
In Langchain through 0.0.155, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks.
- CVE-2023-33234HIGHCVSS 7.2EG 7.22023-05-30
Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permiss…
- CVE-2023-33241CRITICALCVSS 9.6EG 9.62023-08-09
Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the prot…
- CVE-2023-33242CRITICALCVSS 9.6EG 9.62023-08-09
Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security pro…
- CVE-2023-3380MEDIUMCVSS 4.7EG 4.72023-06-23
A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. I…
- CVE-2023-34203HIGHCVSS 8.8EG 8.82023-06-23
In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) before 12.7, a remote user (who has any OEM or OEE role) could perform a URL injection attack to change identity or role membership, e.g., escalate to admin. This a…
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →