Vulnerabilities > Improper Encoding or Escaping of Output

DATE CVE VULNERABILITY TITLE RISK
2023-01-13 CVE-2015-10040 Improper Encoding or Escaping of Output vulnerability in Gitlearn Project Gitlearn
A vulnerability was found in gitlearn.
network
low complexity
gitlearn-project CWE-116
6.5
2023-01-02 CVE-2015-10011 Improper Encoding or Escaping of Output vulnerability in Cisco Openresolve
A vulnerability classified as problematic has been found in OpenDNS OpenResolve.
network
low complexity
cisco CWE-116
critical
9.8
2022-12-27 CVE-2020-36567 Improper Encoding or Escaping of Output vulnerability in Gin-Gonic GIN
Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.
network
low complexity
gin-gonic CWE-116
7.5
2022-12-12 CVE-2021-38997 Improper Encoding or Escaping of Output vulnerability in IBM API Connect
IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.
network
low complexity
ibm CWE-116
5.4
2022-11-23 CVE-2022-40870 Improper Encoding or Escaping of Output vulnerability in Parallels Remote Application Server 18.0
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks.
network
high complexity
parallels CWE-116
8.1
2022-11-14 CVE-2022-34316 Improper Encoding or Escaping of Output vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers.
network
low complexity
ibm CWE-116
5.3
2022-11-11 CVE-2022-3941 Improper Encoding or Escaping of Output vulnerability in Activity LOG Project Activity LOG
A vulnerability has been found in Activity Log Plugin and classified as critical.
network
low complexity
activity-log-project CWE-116
5.3
2022-10-03 CVE-2022-41443 Improper Encoding or Escaping of Output vulnerability in PHPipam 1.5.0
phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php.
network
low complexity
phpipam CWE-116
critical
9.8
2022-09-29 CVE-2021-40694 Improper Encoding or Escaping of Output vulnerability in Moodle
Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account.
network
low complexity
moodle CWE-116
4.9
2022-09-23 CVE-2022-41322 Improper Encoding or Escaping of Output vulnerability in multiple products
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution.
local
low complexity
kovidgoyal fedoraproject CWE-116
7.8