Vulnerabilities > Inappropriate Encoding for Output Context
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-09 | CVE-2023-5770 | Inappropriate Encoding for Output Context vulnerability in Proofpoint Enterprise Protection 8.18.6/8.20.0/8.20.2 Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. | 5.4 |
2020-11-27 | CVE-2020-29135 | Inappropriate Encoding for Output Context vulnerability in Cpanel cPanel before 90.0.17 has multiple instances of URL parameter injection (SEC-567). | 4.1 |
2020-07-15 | CVE-2020-7292 | Inappropriate Encoding for Output Context vulnerability in Mcafee web Gateway Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL. | 4.3 |
2020-04-27 | CVE-2020-10996 | Inappropriate Encoding for Output Context vulnerability in Percona Xtradb Cluster An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41.2. | 8.1 |
2019-11-15 | CVE-2019-18981 | Inappropriate Encoding for Output Context vulnerability in Pimcore Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. | 9.8 |
2019-01-31 | CVE-2019-6110 | Inappropriate Encoding for Output Context vulnerability in multiple products In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. | 6.8 |
2018-04-09 | CVE-2018-9862 | Inappropriate Encoding for Output Context vulnerability in Hyper Runv 1.0.0 util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697. | 7.8 |