Weaknesses of type CWE-400

2,388 results
CVE-2024-27812HIGHA logic issue was addressed with improved file handling. This issue is fixed in visionOS 1.2. Processing web content may lead to a denial-ofEPSS 1.1%CVE-2022-48748HIGHnet: bridge: vlan: fix memory leak in __allowed_ingressEPSS 1.1%CVE-2021-31405HIGHRegular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17EPSS 1.1%CVE-2023-20863MEDIUMIn spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL exEPSS 1.1%CVE-2023-28626MEDIUMQuadratic runtime when parsing Markdown in comrakEPSS 1.1%CVE-2021-41118MEDIUMReDoS in DynamicPageList3EPSS 1.1%CVE-2024-20962MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 aEPSS 1.1%CVE-2025-29954MEDIUMWindows Lightweight Directory Access Protocol (LDAP) Denial of Service VulnerabilityEPSS 1.1%CVE-2023-23447HIGHUncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 112252EPSS 1.1%CVE-2023-31409MEDIUMUncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 112252EPSS 1.1%CVE-2017-16111The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The moduleEPSS 1.1%CVE-2023-43646HIGHInefficient Regular Expression Complexity in get-func-nameEPSS 1.1%CVE-2024-4549HIGHDelta Electronics DIAEnergie SQL Injection EPSS 1.1%CVE-2023-22486LOWcmark-gfm Quadratic complexity bug in handle_close_bracket may lead to a denial of serviceEPSS 1.1%CVE-2023-35945HIGHEnvoy vulnerable to HTTP/2 memory leak in nghttp2 codecEPSS 1.1%CVE-2024-20961MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 aEPSS 1.1%CVE-2018-10868redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticaEPSS 1.1%CVE-2024-20985MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and priEPSS 1.1%CVE-2022-41861MEDIUMA flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server tEPSS 1.1%CVE-2024-0241HIGHencoded_id-rails Denial of Service VulnerabilityEPSS 1.1%