CWE-116
High likelihood
Improper Encoding or Escaping of Output
The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.
414 vulnerabilities with CWE-116
CVE-2024-7873
CRITICAL
Veribilim Software Veribase Order <4.010.3 - XSS
CVE-2024-45498
HIGH
Apache Airflow <2.10.0 - Command Injection
CVSS 8.8
CVE-2024-45299
MEDIUM
alf.io <2.0-M5 - XSS
CVSS 6.5
CVE-2024-8297
MEDIUM
Kitsada8621 Digital Library Management System <1.0 - Info Disclosure
CVSS 5.3
CVE-2024-34739
HIGH
Java - Privilege Escalation
CVSS 7.8
CVE-2024-38177
HIGH
Windows App Installer - Path Traversal
CVSS 7.8
CVE-2024-6329
MEDIUM
GitLab CE/EE <17.0.6-17.2.2 - Info Disclosure
CVSS 5.7
CVE-2024-39682
MEDIUM
Cooked <1.7.15.4 - XSS
CVSS 6.4
CVE-2024-39736
MEDIUM
IBM Datacap - XSS
CVSS 6.5
CVE-2024-39929
MEDIUM
Exim <4.97.1 - Info Disclosure
CVSS 5.4
CVE-2024-38475
CRITICAL
KEV
Apache HTTP Server <2.4.59 - RCE
CVSS 9.1
CVE-2024-38474
CRITICAL
Apache HTTP Server <2.4.59 - RCE
CVSS 9.8
CVE-2024-38473
HIGH
Apache HTTP Server <2.4.60 - Open Redirect
CVSS 8.1
CVE-2024-27629
HIGH
dc2niix <1.0.20240202 - RCE
CVSS 7.8
CVE-2024-35225
CRITICAL
Jupyter Server Proxy < 3.2.4 - XSS
CVSS 9.6
CVE-2024-5585
HIGH
PHP <8.1.29, 8.2.*<8.2.20, 8.3.*<8.3.8 - Command Injection
CVSS 7.7
CVE-2024-4177
HIGH
Bitdefender Gravityzone < 6.38.1-2 - SSRF
CVSS 8.1
CVE-2024-34715
LOW
Fides - Info Disclosure
CVSS 2.3
CVE-2024-4420
HIGH
Tink-cc <2.1.3 - DoS
CVSS 7.5
CVE-2024-34355
LOW
TYPO3 <13.1.1 - XSS
CVSS 3.5
CVE-2024-29894
MEDIUM
Cacti <1.2.27 - XSS
CVSS 5.4
CVE-2024-34510
HIGH
Gradio <4.20 - Info Disclosure
CVSS 7.5
CVE-2024-1874
CRITICAL
PHP <8.1.28, 8.2.*<8.2.18, 8.3.*<8.3.5 - Command Injection
CVSS 9.4
CVE-2024-31866
CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVSS 9.8
CVE-2024-22356
MEDIUM
IBM App Connect Enterprise <12.0.9.0 - Info Disclosure
CVSS 4.9
Details
Vulnerabilities: 414
Exploit Likelihood: High