Vulnerabilities (CVE)

Filtered by CWE-116
Total 241 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-34630 1 Gtranslate 1 Gtranslate 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
In the Pro and Enterprise versions of GTranslate < 2.8.65, the gtranslate_request_uri_var function runs at the top of all pages and echoes out the contents of $_SERVER['REQUEST_URI']. Although this uses addslashes, and most modern browsers automatically URLencode requests, this plugin is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below, or in cases where an attacker is able to modify the request en route between the client and the server, or in cases where the user is using an atypical browsing solution.
CVE-2021-32679 2 Fedoraproject, Nextcloud 2 Fedora, Nextcloud Server 2024-02-28 6.8 MEDIUM 8.8 HIGH
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, filenames where not escaped by default in controllers using `DownloadResponse`. When a user-supplied filename was passed unsanitized into a `DownloadResponse`, this could be used to trick users into downloading malicious files with a benign file extension. This would show in UI behaviours where Nextcloud applications would display a benign file extension (e.g. JPEG), but the file will actually be downloaded with an executable file extension. The vulnerability is patched in versions 19.0.13, 20.0.11, and 21.0.3. Administrators of Nextcloud instances do not have a workaround available, but developers of Nextcloud apps may manually escape the file name before passing it into `DownloadResponse`.
CVE-2021-23205 1 Gallagher 1 Command Centre 2024-02-28 8.5 HIGH 8.1 HIGH
Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware items beyond their privilege. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); version 8.10 and prior versions.
CVE-2021-20405 1 Ibm 1 Security Verify Information Queue 2024-02-28 5.0 MEDIUM 7.5 HIGH
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. IBM X-Force ID: 196183.
CVE-2019-4326 1 Hcltech 1 Appscan 2024-02-28 5.0 MEDIUM 7.5 HIGH
"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."
CVE-2020-29023 1 Secomea 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more 2024-02-28 4.9 MEDIUM 3.5 LOW
Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim's computer when opened in a spreadsheet program (like Excel). This issue affects: Secomea GateManager all versions prior to 9.3.
CVE-2020-26226 1 Semantic-release Project 1 Semantic-release 2024-02-28 5.8 MEDIUM 8.1 HIGH
In the npm package semantic-release before version 17.2.3, secrets that would normally be masked by `semantic-release` can be accidentally disclosed if they contain characters that become encoded when included in a URL. Secrets that do not contain characters that become encoded when included in a URL are already masked properly. The issue is fixed in version 17.2.3.
CVE-2020-25646 1 Ansible Collections Project 1 Community.crypto 2024-02-28 5.0 MEDIUM 7.5 HIGH
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality
CVE-2020-28954 1 Bigbluebutton 1 Bigbluebutton 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name.
CVE-2020-9862 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-02-28 6.8 MEDIUM 7.8 HIGH
A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection.
CVE-2020-26283 1 Protocol 1 Go-ipfs 2024-02-28 6.5 MEDIUM 8.8 HIGH
go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0, control characters are not escaped from console output. This can result in hiding input from the user which could result in the user taking an unknown, malicious action. This is fixed in version 0.8.0.
CVE-2020-27604 1 Bigbluebutton 1 Bigbluebutton 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
BigBlueButton before 2.3 does not implement LibreOffice sandboxing. This might make it easier for remote authenticated users to read the API shared secret in the bigbluebutton.properties file. With the API shared secret, an attacker can (for example) use api/join to join an arbitrary meeting regardless of its guestPolicy setting.
CVE-2020-36173 1 Ninjaforms 1 Ninja Forms 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields.
CVE-2020-24592 1 Mitel 1 Micloud Management Portal 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.
CVE-2020-7694 1 Encode 1 Uvicorn 2024-02-28 5.0 MEDIUM 7.5 HIGH
This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request crafted URLs with percent-encoded escape sequences, the logging component will log the URL after it's been processed with urllib.parse.unquote, therefore converting any percent-encoded characters into their single-character equivalent, which can have special meaning in terminal emulators. By requesting URLs with crafted paths, attackers can: * Pollute uvicorn's access logs, therefore jeopardising the integrity of such files. * Use ANSI sequence codes to attempt to interact with the terminal emulator that's displaying the logs (either in real time or from a file).
CVE-2017-18892 1 Mattermost 1 Mattermost Server 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. E-mail templates can have a field in which HTML content is not neutralized.
CVE-2020-24972 3 Fedoraproject, Kleopatra Project, Opensuse 4 Fedora, Kleopatra, Backports Sle and 1 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL.
CVE-2020-5304 1 Whitesourcesoftware 1 Whitesource 2024-02-28 5.0 MEDIUM 7.5 HIGH
The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the current log and creates a new log with one line of data. The attacker can also insert malicious data and false entries.
CVE-2020-4282 1 Ibm 1 Security Information Queue 2024-02-28 4.0 MEDIUM 4.3 MEDIUM
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow an authenticated user to perform unauthorized actions by bypassing illegal character restrictions. X-Force ID: 176205.
CVE-2020-13625 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message.