Vulnerabilities > Encoding Error

DATE CVE VULNERABILITY TITLE RISK
2018-08-03 CVE-2018-3777 Encoding Error vulnerability in Restforce
Insufficient URI encoding in restforce before 3.0.0 allows attacker to inject arbitrary parameters into Salesforce API requests.
network
low complexity
restforce CWE-172
critical
9.8
2018-05-09 CVE-2018-2415 Encoding Error vulnerability in SAP products
SAP NetWeaver Application Server Java Web Container and HTTP Service (Engine API, from 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; J2EE Engine Server Core 7.11, 7.30, 7.31, 7.40, 7.50) do not sufficiently encode user controlled inputs, resulting in a content spoofing vulnerability when error pages are displayed.
network
low complexity
sap CWE-172
4.7
2018-02-21 CVE-2018-7289 Encoding Error vulnerability in Teclib-Edition Armadito Antivirus 0.12.7.2
An issue was discovered in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2.
local
low complexity
teclib-edition CWE-172
3.3
2018-02-15 CVE-2018-7173 Encoding Error vulnerability in Xpdfreader Xpdf 4.00
A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.
local
low complexity
xpdfreader CWE-172
5.5
2016-10-10 CVE-2016-6691 Encoding Error vulnerability in Google Android
service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android before 2016-10-05 allows remote attackers to cause a denial of service (framework crash) or possibly have unspecified other impact via an access point that has a malformed SSID with GBK encoding, aka Qualcomm internal bug CR 978452.
network
low complexity
google CWE-172
critical
9.8
2016-08-05 CVE-2016-3829 Encoding Error vulnerability in Google Android 6.0/6.0.1
The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain structure members, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29023649.
local
low complexity
google CWE-172
5.5
2016-08-05 CVE-2016-3828 Encoding Error vulnerability in Google Android 6.0/6.0.1
decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28835995.
local
low complexity
google CWE-172
5.5
2016-08-05 CVE-2016-3827 Encoding Error vulnerability in Google Android
codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01 mishandles decoder errors, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28816956.
local
low complexity
google CWE-172
5.5