Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2023-29541 | Improper Encoding or Escaping of Output vulnerability in Mozilla products Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. | 8.8 |
| 2023-06-01 | CVE-2023-32712 | Improper Encoding or Escaping of Output vulnerability in Splunk In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and 8.2.11.2, an attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files that, when a vulnerable terminal application reads them, can potentially, at worst, result in possible code execution in the vulnerable application. | 3.1 |
| 2023-05-30 | CVE-2023-1711 | Improper Encoding or Escaping of Output vulnerability in Hitachienergy Foxman-Un and Unem A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to the network elements. | 4.4 |
| 2023-05-23 | CVE-2023-31669 | Improper Encoding or Escaping of Output vulnerability in Webassembly Binary Toolkit 1.0.32 WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@' before a quote ("). | 5.5 |
| 2023-05-08 | CVE-2023-30844 | Improper Encoding or Escaping of Output vulnerability in Mutagen and Mutagen Compose Mutagen provides real-time file synchronization and flexible network forwarding for developers. | 8.8 |
| 2023-03-30 | CVE-2022-30351 | Improper Encoding or Escaping of Output vulnerability in Pdfzorro R20220428 PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to be leaked unintentionally. | 7.5 |
| 2023-03-24 | CVE-2022-42948 | Improper Encoding or Escaping of Output vulnerability in Helpsystems Cobalt Strike 4.7.1 Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. | 9.8 |
| 2023-03-16 | CVE-2023-28486 | Improper Encoding or Escaping of Output vulnerability in multiple products Sudo before 1.9.13 does not escape control characters in log messages. | 5.3 |
| 2023-03-16 | CVE-2023-28487 | Improper Encoding or Escaping of Output vulnerability in multiple products Sudo before 1.9.13 does not escape control characters in sudoreplay output. | 5.3 |
| 2023-03-02 | CVE-2023-26472 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 8.8 |