Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-20 | CVE-2020-4850 | Improper Encoding or Escaping of Output vulnerability in IBM Gpfs.Tct.Server IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote attacker to obtain sensitive information, caused by the leftover files after configuration. | 5.0 |
| 2021-04-02 | CVE-2021-28940 | Improper Encoding or Escaping of Output vulnerability in Magpierss Project Magpierss 0.72 Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. | 9.8 |
| 2021-03-24 | CVE-2020-26283 | Improper Encoding or Escaping of Output vulnerability in Protocol Go-Ipfs go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. | 6.5 |
| 2021-02-16 | CVE-2020-29023 | Improper Encoding or Escaping of Output vulnerability in Secomea products Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim's computer when opened in a spreadsheet program (like Excel). | 4.9 |
| 2021-02-11 | CVE-2021-20405 | Improper Encoding or Escaping of Output vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7 IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. | 5.0 |
| 2020-12-31 | CVE-2020-13654 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform before 12.8 mishandles escaping in the property displayer. | 7.5 |
| 2020-11-19 | CVE-2020-28954 | Improper Encoding or Escaping of Output vulnerability in Bigbluebutton web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name. | 5.0 |
| 2020-11-18 | CVE-2020-26226 | Improper Encoding or Escaping of Output vulnerability in Semantic-Release Project Semantic-Release In the npm package semantic-release before version 17.2.3, secrets that would normally be masked by `semantic-release` can be accidentally disclosed if they contain characters that become encoded when included in a URL. | 5.8 |
| 2020-11-05 | CVE-2020-24849 | Improper Encoding or Escaping of Output vulnerability in Fruitywifi Project Fruitywifi A remote code execution vulnerability is identified in FruityWifi through 2.4. | 6.5 |
| 2020-10-29 | CVE-2020-25646 | Improper Encoding or Escaping of Output vulnerability in Ansible Collections Project Community.Crypto A flaw was found in Ansible Collection community.crypto. | 7.5 |