Weaknesses of type CWE-150

65 results

CVE-2017-0899—RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. PrintinEPSS 10.8%CVE-2025-55754CRITICALApache Tomcat: console manipulation via escape sequences in log messagesEPSS 9.2%CVE-2021-25310—The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute EPSS 4.6%CVE-2020-6932CRITICALAn information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development PlatfEPSS 3.6%CVE-2024-28085LOWwall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals tEPSS 2.2%CVE-2022-30123—A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint aEPSS 1.8%CVE-2023-3265CRITICALAn authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an atEPSS 1.5%CVE-2026-23829MEDIUMMailpit has SMTP Header Injection via Regex BypassEPSS 1.4%CVE-2023-26055CRITICALXWiki Commons may allow privilege escalation to programming rights via user's first nameEPSS 1.2%CVE-2023-28446HIGHDeno is vulnerable to interactive `run` permission prompt spoofing via improper ANSI neutralizationEPSS 1.1%CVE-2024-52006LOWNewline confusion in credential helpers can lead to credential exfiltration in gitEPSS 1.0%CVE-2024-27936HIGHDeno interactive permission prompt spoofing via improper ANSI strippingEPSS 0.9%CVE-2025-25286CRITICALCrayfish allows Remote Code Execution via Homarus Authorization headerEPSS 0.9%CVE-2024-33899HIGHRARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI EPSS 0.8%CVE-2021-25743LOWANSI escape characters in kubectl output are not being filteredEPSS 0.8%CVE-2025-65082MEDIUMApache HTTP Server: CGI environment variable overrideEPSS 0.8%CVE-2024-36052HIGHRARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-202EPSS 0.7%CVE-2023-30844LOWMutagen list and monitor operations do not neutralize control characters in text controlled by remote endpointsEPSS 0.7%CVE-2024-32986CRITICALArbitrary code execution due to improper sanitization of web app properties in PWAsForFirefox EPSS 0.7%CVE-2024-47252HIGHApache HTTP Server: mod_ssl error log variable escapingEPSS 0.7%

← previouspage 1 / 4next →