| 2025-05-28 | CVE-2025-25029 | IBM Security Guardium 12.0 could allow a privileged user to download any file on the system due to improper escaping of input. | 4.9 |
| 2025-05-13 | CVE-2025-47280 | Improper Encoding or Escaping of Output vulnerability in Umbraco Forms
Umbraco Forms is a form builder that integrates with the Umbraco content management system. | 6.1 |
| 2025-04-30 | CVE-2025-32974 | Improper Encoding or Escaping of Output vulnerability in Xwiki
XWiki is a generic wiki platform. | 9.0 |
| 2025-04-28 | CVE-2025-23377 | Improper Encoding or Escaping of Output vulnerability in Dell Powerprotect Data Manager 19.17/19.18
Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 contain(s) an Improper Encoding or Escaping of Output vulnerability. | 3.4 |
| 2025-04-09 | CVE-2025-30657 | An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. | 5.3 |
| 2025-02-21 | CVE-2025-27108 | Improper Encoding or Escaping of Output vulnerability in Ryansolid DOM Expressions
dom-expressions is a Fine-Grained Runtime for Performant DOM Rendering. | 6.1 |
| 2024-10-30 | CVE-2024-10006 | Improper Encoding or Escaping of Output vulnerability in Hashicorp Consul
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules. | 5.8 |
| 2024-10-25 | CVE-2024-47549 | Improper Encoding or Escaping of Output vulnerability in multiple products
Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser. | 6.1 |
| 2024-10-05 | CVE-2024-47845 | Improper Encoding or Escaping of Output vulnerability in Wikimedia Wikimedia-Extensions-Css
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2. | 8.2 |
| 2024-09-30 | CVE-2024-47531 | Improper Encoding or Escaping of Output vulnerability in Clinical-Genomics Scout
Scout is a web-based visualizer for VCF-files. | 3.5 |