CWE-74 (Improper Neutralization of Special Elements in Output ('Injection')) — Vulnerability Class 373

373 vulnerabilities classified as CWE-74 (Improper Neutralization of Special Elements in Output ('Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2021-21313 | XSS on tabs — glpi | 4.9 | Medium | 2021-03-03 |
| CVE-2021-21353 | Remote code execution in pug — pug | 6.8 | Medium | 2021-03-03 |
| CVE-2021-21316 | Arbitrary code execution in less-openui5 — less-openui5 | 6.3 | Medium | 2021-02-16 |
| CVE-2021-21305 | Code Injection vulnerability in CarrierWave — carrierwave | 7.4 | High | 2021-02-08 |
| CVE-2021-21303 | Injection attack in Helm — helm | 5.9 | Medium | 2021-02-05 |
| CVE-2021-21277 | Angular Expressions - Remote Code Execution — angular-expressions | 8.5 | High | 2021-02-01 |
| CVE-2021-21278 | Risk of code injection in RSSHub — RSSHub | 8.6 | High | 2021-01-26 |
| CVE-2021-21263 | Query Binding Exploitation in Laravel — framework | 7.2 | High | 2021-01-19 |
| CVE-2021-21247 | Post-Auth Unsafe Deserialization on BasePage (AJAX) — onedev | 9.6 | Critical | 2021-01-15 |
| CVE-2021-21249 | Post-Auth Unsafe Yaml deserialization — onedev | 9.6 | Critical | 2021-01-15 |
| CVE-2021-21248 | Post-Auth Arbitrary Code execution via Groovy script injection — onedev | 9.6 | Critical | 2021-01-15 |
| CVE-2021-21242 | Pre-Auth Unsafe Deserialization on AttachmentUploadServet — onedev | 10.0 | Critical | 2021-01-15 |
| CVE-2021-21243 | Pre-Auth Unsafe Deserialization on KubernetesResource — onedev | 10.0 | Critical | 2021-01-15 |
| CVE-2021-21244 | Pre-Auth SSTI via Bean validation message tampering — onedev | 10.0 | Critical | 2021-01-15 |
| CVE-2021-21261 | Flatpak sandbox escape via spawn portal — flatpak | 7.3 | High | 2021-01-14 |
| CVE-2020-26298 | Injection in Redcarpet — redcarpet | 6.8 | Medium | 2021-01-11 |
| CVE-2020-27260 | Innokas Medical Innokas Yhtyma Oy Vital Signs Monitor injection vulnerability — BIGCOMPANYSOFT SOFTWARE PRODUCT | 5.3 | - | 2021-01-08 |
| CVE-2020-26293 | Possible XSS bypass if style tag is allowed — HtmlSanitizer | 6.1 | Medium | 2021-01-04 |
| CVE-2020-26282 | Template Injection in BrowserUp Proxy — browserup-proxy | 10.0 | Critical | 2020-12-24 |
| CVE-2020-26260 | Server Side Request Forgery in BookStack — BookStack | 6.4 | Medium | 2020-12-09 |
| CVE-2020-26238 | Critical vulnerability found in cron-utils — cron-utils | 7.9 | High | 2020-11-24 |
| CVE-2020-26081 | Cisco IoT Field Network Director Cross-Site Scripting Vulnerabilities — Cisco IoT Field Network Director (IoT-FND) | 6.1 | - | 2020-11-18 |
| CVE-2020-26222 | Remote code execution in dependabot-core — dependabot-core | 8.7 | High | 2020-11-13 |
| CVE-2020-15238 | Local privilege escalation Blueman — blueman | 7.1 | High | 2020-10-27 |
| CVE-2020-15255 | CSV injection in Anuko Time Tracker — timetracker | 8.7 | High | 2020-10-16 |
| CVE-2020-15227 | Remote Code Execution vulnerability — application | 8.7 | High | 2020-10-01 |
| CVE-2020-15140 | Remote Code Execution in Red Discord Bot — Red-DiscordBot | 8.2 | High | 2020-08-21 |
| CVE-2020-15143 | Remote Code Execution in SyliusResourceBundle — SyliusResourceBundle | 7.7 | High | 2020-08-19 |
| CVE-2020-15146 | Remote Code Execution in SyliusResourceBundle — SyliusResourceBundle | 9.6 | Critical | 2020-08-19 |
| CVE-2020-15111 | CRLF vulnerability in Fiber — fiber | 4.2 | Medium | 2020-07-20 |

Vulnerabilities classified as CWE-74 (Improper Neutralization of Special Elements in Output ('Injection')) represent 373 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.