Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-12675 | Improper Encoding or Escaping of Output vulnerability in Cisco products Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. | 8.8 |
| 2019-10-02 | CVE-2019-12674 | Improper Encoding or Escaping of Output vulnerability in Cisco products Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. | 8.2 |
| 2019-09-27 | CVE-2019-9853 | Improper Encoding or Escaping of Output vulnerability in Libreoffice LibreOffice documents can contain macros. | 7.8 |
| 2019-09-11 | CVE-2019-10074 | Improper Encoding or Escaping of Output vulnerability in Apache Ofbiz An RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field when encoding has been disabled on such a field. | 9.8 |
| 2019-09-09 | CVE-2019-11547 | Improper Encoding or Escaping of Output vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. | 6.1 |
| 2019-09-09 | CVE-2019-12463 | Improper Encoding or Escaping of Output vulnerability in Librenms 1.50.1/1.51/1.52 An issue was discovered in LibreNMS 1.50.1. | 8.8 |
| 2019-09-05 | CVE-2019-15944 | Improper Encoding or Escaping of Output vulnerability in Valvesoftware Counter-Strike:Global Offensive In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message. | 5.3 |
| 2019-08-30 | CVE-2019-1968 | Improper Encoding or Escaping of Output vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. | 7.5 |
| 2019-07-31 | CVE-2019-10362 | Improper Encoding or Escaping of Output vulnerability in Jenkins Configuration AS Code Jenkins Configuration as Code Plugin 1.24 and earlier did not escape values resulting in variable interpolation during configuration import when exporting, allowing attackers with permission to change Jenkins system configuration to obtain the values of environment variables. | 5.4 |
| 2019-07-23 | CVE-2019-11717 | Improper Encoding or Escaping of Output vulnerability in multiple products A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. | 5.3 |