WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-4181)

Description

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Remediation

References

Related Vulnerabilities

Oracle Application Server CVE-2008-4014 Vulnerability (CVE-2008-4014)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8254)

WordPress Plugin SAML SP Single Sign On-SSO login Cross-Site Scripting (4.8.83)

WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads PHP Code Injection (1.3)

MediaWiki Credentials Management Errors Vulnerability (CVE-2015-8009)

Severity

High

Classification

CVE-2021-4181 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities