Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-01 | CVE-2022-23603 | Improper Encoding or Escaping of Output vulnerability in Itunesrpc-Remastered Project Itunesrpc-Remastered iTunesRPC-Remastered is a discord rich presence application for use with iTunes & Apple Music. | 6.1 |
| 2022-01-28 | CVE-2022-22992 | Improper Encoding or Escaping of Output vulnerability in Westerndigital MY Cloud OS A command injection remote code execution vulnerability was discovered on Western Digital My Cloud Devices that could allow an attacker to execute arbitrary system commands on the device. | 9.8 |
| 2022-01-24 | CVE-2021-45226 | Improper Encoding or Escaping of Output vulnerability in Coins-Global Coins Construction Cloud 11.12 An issue was discovered in COINS Construction Cloud 11.12. | 6.5 |
| 2022-01-18 | CVE-2021-29872 | Improper Encoding or Escaping of Output vulnerability in IBM Cloud PAK for Automation IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |
| 2022-01-18 | CVE-2022-0124 | Improper Encoding or Escaping of Output vulnerability in Gitlab An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. | 4.3 |
| 2022-01-18 | CVE-2022-0210 | Improper Encoding or Escaping of Output vulnerability in Buffercode Random Banner The Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the ~/include/models/model.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.4. | 4.8 |
| 2021-12-23 | CVE-2021-4068 | Improper Encoding or Escaping of Output vulnerability in multiple products Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2021-12-15 | CVE-2021-0933 | Improper Encoding or Escaping of Output vulnerability in Google Android In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. | 8.0 |
| 2021-12-14 | CVE-2021-44042 | Improper Encoding or Escaping of Output vulnerability in Uipath Assistant 21.4.4 An issue was discovered in UiPath Assistant 21.4.4. | 9.8 |
| 2021-12-14 | CVE-2021-38182 | Improper Encoding or Escaping of Output vulnerability in Kyma-Project Kyma Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster. | 8.8 |