CWE-116
High likelihoodImproper Encoding or Escaping of Output
The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.
414 vulnerabilities with CWE-116
CVE-2025-25029
MEDIUM
IBM Security Guardium 12.0 - Info Disclosure
CVSS 4.9
CVE-2025-5271
MEDIUM
Firefox < 139 - Content Injection
CVSS 6.5
CVE-2025-3942
MEDIUM
Tridium Niagara <4.14.2-4.15.1-4.10.11 - Input Data Manipulation
CVSS 4.3
CVE-2025-1308
HIGH
PX Backup - Info Disclosure
CVE-2025-47280
MEDIUM
Umbraco Forms <13.4.2-15.1.2 - Info Disclosure
CVSS 6.1
CVE-2025-46340
HIGH
Misskey <2025.4.1 - Code Injection
CVSS 7.2
CVE-2025-32974
CRITICAL
XWiki <16.2.0 - Info Disclosure
CVSS 9.0
CVE-2025-24338
HIGH
ctrlX OS - XSS
CVSS 7.1
CVE-2025-46347
CRITICAL
YesWiki <4.5.4 - RCE
CVSS 9.8
CVE-2025-4084
MEDIUM
Firefox <128.10 - Local Code Execution
CVSS 5.7
CVE-2025-31651
CRITICAL
Apache Tomcat <11.0.5 - SSRF
CVSS 9.8
CVE-2025-23377
MEDIUM
Dell PowerProtect Data Manager Reporting <19.18 - XSS
CVSS 4.2
CVE-2025-32078
MEDIUM
Mediawiki - Version Compare Ext <1.43 - XSS
CVE-2025-32074
MEDIUM
Mediawiki - Confirm Account Ext <1.39-1.43 - XSS
CVSS 5.4
CVE-2025-32072
MEDIUM
The Wikimedia Foundation Mediawiki Core - Feed Utils <1.44 - Code I...
CVE-2025-30657
MEDIUM
Juniper Junos < 21.2 - Denial of Service
CVSS 5.3
CVE-2025-30345
LOW
OpenSlides <4.2.5 - XSS
CVSS 3.5
CVE-2025-1795
LOW
Exchange - Info Disclosure
CVE-2025-27109
HIGH
solid-js <1.9.4 - XSS
CVSS 7.3
CVE-2025-27108
HIGH
dom-expressions - XSS
CVSS 7.3
CVE-2025-24025
MEDIUM
Coollabs Coolify < 4.0.0 - XSS
CVSS 6.1
CVE-2025-23207
MEDIUM
KaTeX <0.16.21 - RCE
CVSS 6.3
CVE-2024-58266
LOW
Comex Shlex < 1.2.1 - Command Injection
CVSS 3.2
CVE-2024-56524
CRITICAL
Radware Cloud WAF <2025-05-07 - Auth Bypass
CVSS 9.1
CVE-2024-9606
HIGH
berriai/litellm <1.44.12 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
414
Exploit Likelihood
High