Vulnerabilities > Inappropriate Encoding for Output Context

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2023-5770 Inappropriate Encoding for Output Context vulnerability in Proofpoint Enterprise Protection 8.18.6/8.20.0/8.20.2
Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject.
network
low complexity
proofpoint CWE-838
5.4
2020-11-27 CVE-2020-29135 Inappropriate Encoding for Output Context vulnerability in Cpanel
cPanel before 90.0.17 has multiple instances of URL parameter injection (SEC-567).
network
low complexity
cpanel CWE-838
4.1
2020-07-15 CVE-2020-7292 Inappropriate Encoding for Output Context vulnerability in Mcafee web Gateway
Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL.
network
low complexity
mcafee CWE-838
4.3
2020-04-27 CVE-2020-10996 Inappropriate Encoding for Output Context vulnerability in Percona Xtradb Cluster
An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41.2.
network
high complexity
percona CWE-838
8.1
2019-11-15 CVE-2019-18981 Inappropriate Encoding for Output Context vulnerability in Pimcore
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.
network
low complexity
pimcore CWE-838
critical
9.8
2019-01-31 CVE-2019-6110 Inappropriate Encoding for Output Context vulnerability in multiple products
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
network
high complexity
openbsd winscp netapp siemens CWE-838
6.8
2018-04-09 CVE-2018-9862 Inappropriate Encoding for Output Context vulnerability in Hyper Runv 1.0.0
util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697.
local
low complexity
hyper CWE-838
7.8