Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-12 | CVE-2021-30640 | Improper Encoding or Escaping of Output vulnerability in multiple products A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. | 6.5 |
| 2021-06-11 | CVE-2021-23205 | Improper Encoding or Escaping of Output vulnerability in Gallagher Command Centre Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware items beyond their privilege. | 8.1 |
| 2021-05-28 | CVE-2021-20195 | Improper Encoding or Escaping of Output vulnerability in Redhat Keycloak A flaw was found in keycloak in versions before 13.0.0. | 9.6 |
| 2021-05-27 | CVE-2021-31806 | Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. | 6.5 |
| 2021-05-27 | CVE-2021-28662 | Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. | 6.5 |
| 2021-05-20 | CVE-2020-4850 | Improper Encoding or Escaping of Output vulnerability in IBM Gpfs.Tct.Server IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote attacker to obtain sensitive information, caused by the leftover files after configuration. | 7.5 |
| 2021-04-02 | CVE-2021-28940 | Improper Encoding or Escaping of Output vulnerability in Magpierss Project Magpierss 0.72 Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. | 9.8 |
| 2021-02-16 | CVE-2020-29023 | Improper Encoding or Escaping of Output vulnerability in Secomea products Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim's computer when opened in a spreadsheet program (like Excel). | 3.5 |
| 2021-02-11 | CVE-2021-20405 | Improper Encoding or Escaping of Output vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7 IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. | 7.5 |
| 2021-01-06 | CVE-2020-36173 | Improper Encoding or Escaping of Output vulnerability in Ninjaforms Ninja Forms The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields. | 5.3 |