Weaknesses of type CWE-636
34 resultsCVE-2024-43532HIGHRemote Registry Service Elevation of Privilege VulnerabilityEPSS 11.7%CVE-2023-28840HIGHmoby/moby's dockerd daemon encrypted overlay network may be unauthenticatedEPSS 2.7%CVE-2021-1578HIGHCisco Application Policy Infrastructure Controller Privilege Escalation VulnerabilityEPSS 2.0%CVE-2023-28842MEDIUMmoby/moby's dockerd daemon encrypted overlay network with a single endpoint is unauthenticatedEPSS 1.4%CVE-2025-21210MEDIUMWindows BitLocker Information Disclosure VulnerabilityEPSS 1.1%CVE-2024-3729CRITICALFrontend Admin by DynamiApps <= 3.19.4 - Improper Missing Encryption Exception Handling to Form ManipulationEPSS 0.8%CVE-2023-28841MEDIUMmoby/moby's dockerd daemon encrypted overlay network traffic may be unencryptedEPSS 0.7%CVE-2026-22034CRITICALSnuffleupagus vulnerable to RCE on instances with upload validation enabled but without the VLD packageEPSS 0.7%CVE-2026-40525CRITICALOpenViking < 0.3.9 Authentication Bypass via VikingBot OpenAPIEPSS 0.6%CVE-2026-40247HIGHfree5gc UDR improper path validation allows unauthenticated access to Traffic Influence SubscriptionsEPSS 0.5%CVE-2024-8185HIGHVault Vulnerable to Denial of Service When Processing Raft Join RequestsEPSS 0.5%CVE-2026-40248HIGHfree5gc UDR improper path validation allows unauthenticated creation and modification of Traffic Influence SubscriptionsEPSS 0.4%CVE-2026-42246HIGHnet-imap vulnerable to STARTTLS stripping via invalid response timingEPSS 0.4%CVE-2026-40249MEDIUMfree5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errorsEPSS 0.3%CVE-2025-41759MEDIUMUse of wildcard (“*” or “all”) in Block listEPSS 0.3%CVE-2025-41760MEDIUMPass filter with Empty TableEPSS 0.3%CVE-2026-42423HIGHOpenClaw < 2026.4.8 - strictInlineEval Approval Boundary Bypass via Approval-Timeout FallbackEPSS 0.3%CVE-2026-41334HIGHOpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard BypassEPSS 0.3%CVE-2023-22943MEDIUMModular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDKEPSS 0.3%CVE-2024-2660MEDIUMVault TLS Cert Auth Method Did Not Correctly Validate OCSP ResponsesEPSS 0.3%