Vulnerabilities > Improper Encoding or Escaping of Output
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-31669 | Improper Encoding or Escaping of Output vulnerability in Webassembly Binary Toolkit 1.0.32 WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@' before a quote ("). | 5.5 |
| 2023-05-08 | CVE-2023-30844 | Improper Encoding or Escaping of Output vulnerability in Mutagen and Mutagen Compose Mutagen provides real-time file synchronization and flexible network forwarding for developers. | 8.8 |
| 2023-03-30 | CVE-2022-30351 | Improper Encoding or Escaping of Output vulnerability in Pdfzorro R20220428 PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to be leaked unintentionally. | 7.5 |
| 2023-03-24 | CVE-2022-42948 | Improper Encoding or Escaping of Output vulnerability in Helpsystems Cobalt Strike 4.7.1 Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. | 9.8 |
| 2023-03-16 | CVE-2023-28486 | Improper Encoding or Escaping of Output vulnerability in multiple products Sudo before 1.9.13 does not escape control characters in log messages. | 5.3 |
| 2023-03-16 | CVE-2023-28487 | Improper Encoding or Escaping of Output vulnerability in multiple products Sudo before 1.9.13 does not escape control characters in sudoreplay output. | 5.3 |
| 2023-03-02 | CVE-2023-26472 | Improper Encoding or Escaping of Output vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 8.8 |
| 2023-02-20 | CVE-2022-48339 | Improper Encoding or Escaping of Output vulnerability in GNU Emacs An issue was discovered in GNU Emacs through 28.2. | 7.8 |
| 2023-02-01 | CVE-2022-45102 | Improper Encoding or Escaping of Output vulnerability in Dell products Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. | 6.1 |
| 2023-01-13 | CVE-2015-10040 | Improper Encoding or Escaping of Output vulnerability in Gitlearn Project Gitlearn A vulnerability was found in gitlearn. | 6.5 |