Weaknesses of type CWE-657
18 results

CVE-2023-29320 [HIGH] ZDI-CAN-20712: Adobe Acrobat Blacklist Bypass Design flaw (EPSS 4.6%)
CVE-2022-28244 [MEDIUM] Adobe Acrobat Reader DC CSP Bypass Leads To Privilege Escalation (EPSS 3.4%)
CVE-2021-44714 [LOW] Adobe Acrobat Reader Missing Custom Protocols in Warning Message Prompts (EPSS 2.5%)
CVE-2021-28583 [HIGH] Magento Commerce insecure storage of sensitive documentation (EPSS 1.9%)
CVE-2017-6032 [—] A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has (EPSS 1.7%)
CVE-2021-36061 [MEDIUM] Adobe Connect Violation of Secure Design Principles Vulnerability Can Lead To Editing Or Deleting Recordings (EPSS 1.5%)
CVE-2019-15611 [—] Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when sear (EPSS 1.1%)
CVE-2020-8133 [—] A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file. (EPSS 0.7%)
CVE-2022-30683 [MEDIUM] AEM Violation of Secure Design Principles Security feature bypass (EPSS 0.6%)
CVE-2026-39888 [CRITICAL] PraisonAIAgents has a sandbox escape via exception frame traversal in `execute_code` (subprocess mode) (EPSS 0.5%)
CVE-2024-26139 [HIGH] OpenCTI Authenticated Privilege Escalation (EPSS 0.4%)
CVE-2024-33849 [MEDIUM] ci solution CI-Out-of-Office Manager through 6.0.0.77 uses a Hard-coded Cryptographic Key. (EPSS 0.4%)
CVE-2019-0061 [HIGH] Junos OS: Insecure management daemon (MGD) configuration may allow local privilege escalation (EPSS 0.4%)
CVE-2023-52714 [HIGH] Vulnerability of defects introduced in the design process in the hwnff module. Impact: Successful exploitation of this vulnerability may aff (EPSS 0.3%)
CVE-2024-57957 [MEDIUM] Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affec (EPSS 0.3%)
CVE-2025-54255 [MEDIUM] Acrobat Reader | Violation of Secure Design Principles (CWE-657) (EPSS 0.2%)
CVE-2019-5478 [—] A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control (EPSS 0.2%)
CVE-2025-24887 [MEDIUM] OpenCTI bypass of protected attribute update (EPSS 0.2%)