9 matches found
Improper Output Handling
Apache Log4j Core is vulnerable to Improper Output Handling. The vulnerability is due to XmlLayout failing to sanitize characters forbidden by the XML 1.0 specification, allowing log messages or MDC values to produce malformed XML or trigger exceptions during logging, which can lead to dropped or...
CVE-2025-36159
IBM Concert 1.0.0 through 2.0.0 could allow a local user to forge log files to impersonate other users or hide their identity due to improper neutralization of output...
Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-2020-8177)
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
The vulnerability of the Ruby interpreter’s Rack module interface allows attackers to influence the integrity of the protected information.
The vulnerability of the Ruby interpreter’s Rack module interface is related to improper processing of output data for registration logs. Exploiting this vulnerability allows an attacker to influence the integrity of the protected information...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' due to the improper handling of user input in the email sending functionality. An attacker can send spam, phishing emails, or other malicio...
The software for deploying and executing AI models, NVIDIA Triton Inference Server (previously TensorRT Inference Server), has vulnerabilities that allow attackers to gain unauthorized access to protected information, enhance their privileges, execute arbitrary code, or cause service failures or data changes.
The vulnerability of the NVIDIA Triton Inference Server previously known as TensorRT Inference Server software for deploying and executing AI models is related to improper processing of output data for registration logs. Exploiting this vulnerability can allow a remote attacker to gain unauthoriz...
The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment arises from the improper elimination of certain elements in the output data, allowing a perpetrator to execute arbitrary codes.
The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment is related to incorrect neutralization of certain elements in the output data. Exploiting this vulnerability allows a malicious actor to execute arbitrary codes remotely...
CVE-2021-29085
Improper neutralization of special elements in output used by a downstream component 'Injection' vulnerability in file sharing management component in Synology DiskStation Manager DSM before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors...
Meneame cross-site scripting vulnerability
Overview Meneame, an open source social bookmark system, contains a cross-site scripting vulnerability. Meneame, an open-source web application to build social bookmark systems, contains a cross-site scripting vulnerability, as it does not properly handle output data. Impact A remote attacker cou...