Vulnerabilities > Improper Encoding or Escaping of Output

DATE CVE VULNERABILITY TITLE RISK
2019-09-09 CVE-2019-11547 Improper Encoding or Escaping of Output vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2.
network
low complexity
gitlab CWE-116
6.1
2019-09-09 CVE-2019-12463 Improper Encoding or Escaping of Output vulnerability in Librenms 1.50.1/1.51/1.52
An issue was discovered in LibreNMS 1.50.1.
network
low complexity
librenms CWE-116
8.8
2019-09-05 CVE-2019-15944 Improper Encoding or Escaping of Output vulnerability in Valvesoftware Counter-Strike:Global Offensive
In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message.
network
low complexity
valvesoftware CWE-116
5.3
2019-08-30 CVE-2019-1968 Improper Encoding or Escaping of Output vulnerability in Cisco Nx-Os
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart.
network
low complexity
cisco CWE-116
7.5
2019-07-31 CVE-2019-10362 Improper Encoding or Escaping of Output vulnerability in Jenkins Configuration AS Code
Jenkins Configuration as Code Plugin 1.24 and earlier did not escape values resulting in variable interpolation during configuration import when exporting, allowing attackers with permission to change Jenkins system configuration to obtain the values of environment variables.
network
low complexity
jenkins CWE-116
5.4
2019-07-23 CVE-2019-11717 Improper Encoding or Escaping of Output vulnerability in multiple products
A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes.
network
low complexity
mozilla debian novell opensuse CWE-116
5.3
2019-07-11 CVE-2019-11268 Improper Encoding or Escaping of Output vulnerability in Pivotal Software Cloud Foundry Uaa-Release
Cloud Foundry UAA version prior to 73.3.0, contain endpoints that contains improper escaping.
network
low complexity
pivotal-software CWE-116
4.3
2019-07-05 CVE-2018-16386 Improper Encoding or Escaping of Output vulnerability in Swift Alliance web Platform 7.1.23
An issue was discovered in SWIFT Alliance Web Platform 7.1.23.
network
low complexity
swift CWE-116
7.5
2019-06-18 CVE-2018-18838 Improper Encoding or Escaping of Output vulnerability in My-Netdata Netdata 1.10.0
An issue was discovered in Netdata 1.10.0.
network
low complexity
my-netdata CWE-116
7.5
2019-05-16 CVE-2019-0971 Improper Encoding or Escaping of Output vulnerability in Microsoft Azure Devops Server and Team Foundation Server
An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'.
network
low complexity
microsoft CWE-116
6.5