Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-116

CWE-116

High likelihood

Improper Encoding or Escaping of Output

Parent: CWE-707 - Improper Neutralization

The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

446 vulnerabilities with CWE-116

CVE-2020-6227 HIGH

SAP BusinessObjects <4.2 - Code Injection

CVE-2020-4282 MEDIUM

IBM Security Information Queue <1.0.6 - Auth Bypass

CVE-2020-10235 HIGH

Froxlor < 0.10.14 - Remote Code Execution via Database Configuration Options

CVE-2019-4326 HIGH

HCL AppScan Enterprise - Info Disclosure

CVE-2019-19714 MEDIUM

Contao 4.8.4-4.8.5 - Insert Tag Injection in Login Module

CVE-2019-11325 CRITICAL

Symfony <4.2.12 & <4.3.8 - Code Injection

CVE-2019-12675 HIGH

Cisco Firepower Threat Defense - Privilege Escalation

CVE-2019-12674 HIGH

Cisco Firepower Threat Defense - Privilege Escalation

CVE-2019-9853 HIGH

LibreOffice 6.2.0-6.2.6 - Macro Execution Bypass via URL Decoding Flaw

CVE-2019-10074 CRITICAL

Apache OFBiz 16.11.01-16.11.04 - Remote Code Execution via Freemarker Markup in Form Widget Textarea

CVE-2019-11547 MEDIUM

GitLab < 11.8.9, 11.9.x < 11.9.10, 11.10.x < 11.10.2 - Cross-Site Scripting via Merge Request Notification Email

CVE-2019-12463 HIGH

LibreNMS 1.50.1-1.53 - Authenticated RRDtool Injection via Graph Parameter

CVE-2019-15944 MEDIUM

Counter-Strike: Global Offensive <8/29/2019 - XSS

CVE-2019-1968 HIGH

Cisco NX-OS - Unauthenticated Denial of Service via NX-API HTTP Header

CVE-2019-9852 HIGH

LibreOffice - Code Injection

CVE-2019-10362 MEDIUM

Jenkins Configuration as Code Plugin <1.24 - Info Disclosure

CVE-2019-11717 MEDIUM

Firefox ESR <60.8-Firefox <68-Thunderbird <60.8 - SSRF

CVE-2019-3571 MEDIUM

WhatsApp Desktop <0.3.3793 - Info Disclosure

CVE-2019-11268 MEDIUM

Cloud Foundry UAA < 73.3.0 - Authenticated Information Disclosure via Improper Escaping

CVE-2019-0971 MEDIUM

Azure DevOps Server - Info Disclosure

CVE-2019-0956 MEDIUM

Microsoft SharePoint Server - Info Disclosure

CVE-2019-10249 HIGH

Xtext & Xtend <2.18.0 - Info Disclosure

CVE-2019-0857 MEDIUM

Azure DevOps Server - Info Disclosure

CVE-2019-6109 MEDIUM

OpenSSH < 7.9 - Terminal Output Manipulation via ANSI Control Codes in Progress Display

CVE-2018-9433 HIGH

Android - Remote Code Execution via ArrayConcatVisitor Type Confusion

Previous Page 17 of 18 Next

Details

Vulnerabilities 446

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy