Vulnerabilities (CVE)

Filtered by CWE-116
Total 243 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10362 1 Jenkins 1 Configuration As Code 2024-11-21 5.5 MEDIUM 5.4 MEDIUM
Jenkins Configuration as Code Plugin 1.24 and earlier did not escape values resulting in variable interpolation during configuration import when exporting, allowing attackers with permission to change Jenkins system configuration to obtain the values of environment variables.
CVE-2019-10249 1 Eclipse 2 Xtend, Xtext 2024-11-21 6.8 MEDIUM 8.1 HIGH
All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised.
CVE-2019-10074 1 Apache 1 Ofbiz 2024-11-21 7.5 HIGH 9.8 CRITICAL
An RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field when encoding has been disabled on such a field. This was the case for the Customer Request "story" input in the Order Manager application. Encoding should not be disabled without good reason and never within a field that accepts user input. Mitigation: Upgrade to 16.11.06 or manually apply the following commit on branch 16.11: r1858533
CVE-2019-0971 1 Microsoft 2 Azure Devops Server, Team Foundation Server 2024-11-21 9.0 HIGH 6.5 MEDIUM
An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'.
CVE-2019-0956 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Foundation 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
An information disclosure vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Server Information Disclosure Vulnerability'.
CVE-2019-0857 1 Microsoft 1 Azure Devops Server 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'.
CVE-2018-9246 2 Ledgersmb, Pgobject-util-dbadmin Project 2 Ledgersmb, Pgobject-util-dbadmin 2024-11-21 7.5 HIGH 9.8 CRITICAL
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application.
CVE-2018-8920 1 Synology 1 Diskstation Manager 2024-11-21 6.5 MEDIUM 7.2 HIGH
Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to inject arbitrary content to have an unspecified impact by exporting an archive in CSV format.
CVE-2018-8609 1 Microsoft 1 Dynamics 365 2024-11-21 6.5 MEDIUM 8.8 HIGH
A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability." This affects Microsoft Dynamics 365.
CVE-2018-2389 1 Sap 1 Internet Graphics Server 2024-11-21 4.0 MEDIUM 5.7 MEDIUM
Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file.
CVE-2018-20586 1 Bitcoin 1 Bitcoin Core 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.
CVE-2018-1048 1 Redhat 1 Jboss Enterprise Application Platform 2024-11-21 5.0 MEDIUM 7.5 HIGH
It was found that the AJP connector in undertow, as shipped in Jboss EAP 7.1.0.GA, does not use the ALLOW_ENCODED_SLASH option and thus allow the the slash / anti-slash characters encoded in the url which may lead to path traversal and result in the information disclosure of arbitrary local files.
CVE-2018-18838 1 My-netdata 1 Netdata 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.
CVE-2018-16386 1 Swift 1 Alliance Web Platform 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in SWIFT Alliance Web Platform 7.1.23. A log injection (and an arbitrary log filename) can be achieved via the PATH_INFO to swp/login/EJBRemoteService/, related to com.swift.ejbgwt.j2ee.client.EjBlnvocationException error log information containing null@java:comp/env/ error messages.
CVE-2018-15494 2 Debian, Dojotoolkit 2 Debian Linux, Dojo 2024-11-21 7.5 HIGH 9.8 CRITICAL
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
CVE-2017-8303 1 Accellion 1 File Transfer Appliance 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows Remote Code Execution with shell metacharacters in the method parameter.
CVE-2017-18892 1 Mattermost 1 Mattermost Server 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. E-mail templates can have a field in which HTML content is not neutralized.
CVE-2017-12340 1 Cisco 1 Nx-os 2024-11-21 4.6 MEDIUM 4.2 MEDIUM
A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Cisco Nexus 7000 Series Switches, and Cisco Nexus 7700 Series Switches could allow an authenticated, local attacker to access the Bash shell of an affected device's operating system, even if the Bash shell is disabled on the system. The vulnerability is due to insufficient sanitization of user-supplied parameters that are passed to certain functions of the Python scripting sandbox of the affected system. An attacker could exploit this vulnerability to escape the scripting sandbox and enter the Bash shell of the operating system with the privileges of the authenticated user for the affected system. To exploit this vulnerability, the attacker must have local access to the affected system and be authenticated to the affected system with administrative or Python execution privileges. Cisco Bug IDs: CSCvd86513.
CVE-2017-12064 1 Open-emr 1 Openemr 2024-11-21 5.0 MEDIUM 7.5 HIGH
The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name.
CVE-2016-3063 1 Netapp 1 Oncommand System Manager 2024-11-21 4.4 MEDIUM 7.5 HIGH
Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified vectors.