Lucene search
K

9 matches found

Veracode
Veracode
added 2026/04/11 5:8 a.m.6 views

Improper Output Handling

Apache Log4j Core is vulnerable to Improper Output Handling. The vulnerability is due to XmlLayout failing to sanitize characters forbidden by the XML 1.0 specification, allowing log messages or MDC values to produce malformed XML or trigger exceptions during logging, which can lead to dropped or...

7.5CVSS5.8AI score0.0086EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2025/11/20 10:15 p.m.4 views

CVE-2025-36159

IBM Concert 1.0.0 through 2.0.0 could allow a local user to forge log files to impersonate other users or hide their identity due to improper neutralization of output...

6.2CVSS0.00099EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-2020-8177)

curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.8CVSS6.7AI score0.01236EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.8 views

The vulnerability of the Ruby interpreter’s Rack module interface allows attackers to influence the integrity of the protected information.

The vulnerability of the Ruby interpreter’s Rack module interface is related to improper processing of output data for registration logs. Exploiting this vulnerability allows an attacker to influence the integrity of the protected information...

5.3CVSS6.7AI score0.00699EPSS
Exploits0References16Affected Software11
Snyk
Snyk
added 2024/11/27 9:59 p.m.1 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' due to the improper handling of user input in the email sending functionality. An attacker can send spam, phishing emails, or other malicio...

8.7CVSS7AI score0.00451EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/06/24 12:0 a.m.6 views

The software for deploying and executing AI models, NVIDIA Triton Inference Server (previously TensorRT Inference Server), has vulnerabilities that allow attackers to gain unauthorized access to protected information, enhance their privileges, execute arbitrary code, or cause service failures or data changes.

The vulnerability of the NVIDIA Triton Inference Server previously known as TensorRT Inference Server software for deploying and executing AI models is related to improper processing of output data for registration logs. Exploiting this vulnerability can allow a remote attacker to gain unauthoriz...

9CVSS5.8AI score0.00538EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/22 12:0 a.m.5 views

The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment arises from the improper elimination of certain elements in the output data, allowing a perpetrator to execute arbitrary codes.

The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment is related to incorrect neutralization of certain elements in the output data. Exploiting this vulnerability allows a malicious actor to execute arbitrary codes remotely...

10CVSS8AI score0.01259EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/06/23 10:15 a.m.5 views

CVE-2021-29085

Improper neutralization of special elements in output used by a downstream component 'Injection' vulnerability in file sharing management component in Synology DiskStation Manager DSM before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors...

7.5CVSS7.4AI score0.01332EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.1 views

Meneame cross-site scripting vulnerability

Overview Meneame, an open source social bookmark system, contains a cross-site scripting vulnerability. Meneame, an open-source web application to build social bookmark systems, contains a cross-site scripting vulnerability, as it does not properly handle output data. Impact A remote attacker cou...

4.3CVSS6.4AI score0.01263EPSS
Exploits0References6
Rows per page
Query Builder