Weaknesses of type CWE-354

93 results

CVE-2023-48795MEDIUMThe SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypasEPSS 93.3%CVE-2019-1163MEDIUMWindows File Signature Security Feature Bypass VulnerabilityEPSS 1.5%CVE-2024-3727HIGHContainers/image: digest type does not guarantee valid typeEPSS 1.3%CVE-2021-3772—A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the atEPSS 1.2%CVE-2017-3224—Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)EPSS 1.1%CVE-2021-20184—It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meantEPSS 0.7%CVE-2021-37182—A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C (L3 int.) (All versions < V6.5), SCALANCE EPSS 0.6%CVE-2024-41909MEDIUMApache MINA SSHD: integrity check bypassEPSS 0.6%CVE-2022-29898CRITICALRemote Code Execution in all versions of various RAD-ISM-900-EN-* devices by PHOENIX CONTACTEPSS 0.6%CVE-2023-2975MEDIUMAES-SIV implementation ignores empty associated data entriesEPSS 0.5%CVE-2022-29173HIGHNo protection against rollback attacks in go-tufEPSS 0.5%CVE-2019-10155LOWThe Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity EPSS 0.5%CVE-2022-45142HIGHThe fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to tEPSS 0.5%CVE-2022-46402MEDIUMThe Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrectEPSS 0.5%CVE-2024-52550HIGHJenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (JenkinsfileEPSS 0.4%CVE-2023-28386HIGHSnap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the EPSS 0.4%CVE-2024-48930HIGHsecp256k1-node vulnerable to private key extraction over ECDHEPSS 0.4%CVE-2025-7096CRITICALComodo Internet Security Premium Manifest File cis_update_x64.xml integrity checkEPSS 0.4%CVE-2026-8597MEDIUMMissing integrity verification in Triton inference handler in Amazon SageMaker Python SDKEPSS 0.4%CVE-2022-25946HIGHOn all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided ConfigurEPSS 0.4%

← previouspage 1 / 5next →