Weaknesses of type CWE-672
50 results

CVE | Severity | Description | EPSS
CVE-2020-11027 | MEDIUM | Password reset links invalidation issue in WordPress | 13.6%
CVE-2019-17638 | — | In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce | 11.1%
CVE-2021-37204 | HIGH | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All version | 2.1%
CVE-2020-12043 | — | The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when configured for wireless networking the FTP service operating on the W | 2.1%
CVE-2021-42778 | — | A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo. | 2.0%
CVE-2021-37185 | HIGH | A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller C | 2.0%
CVE-2019-15791 | HIGH | Reference count underflow in shiftfs | 1.3%
CVE-2019-15794 | HIGH | Reference counting error in overlayfs/shiftfs error path when used in conjunction with aufs | 1.2%
CVE-2020-15270 | MEDIUM | Improper session expiration in Parse Server | 1.2%
CVE-2022-22197 | HIGH | Junos OS and Junos OS Evolved: An rpd core will be observed with proxy BGP route-target filtering enabled and certain route add and delete event happening | 1.0%
CVE-2022-30256 | HIGH | An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain n | 0.9%
CVE-2024-27308 | HIGH | Mio's tokens for named pipes may be delivered after deregistration | 0.9%
CVE-2026-33278 | CRITICAL | Possible arbitrary code execution during DNSSEC validation | 0.9%
CVE-2024-47571 | HIGH | An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper acc | 0.9%
CVE-2023-48220 | MEDIUM | Decidim's devise_invitable gem vulnerable to circumvention of invitation token expiry period | 0.8%
CVE-2022-22755 | HIGH | By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within th | 0.6%
CVE-2026-43585 | CRITICAL | OpenClaw < 2026.4.15 - Bearer Token Validation Bypass via Stale SecretRef Resolution | 0.5%
CVE-2025-22149 | LOW | JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh | 0.5%
CVE-2023-1902 | MEDIUM | HCI Connection Creation Dangling State Reference Re-use | 0.5%
CVE-2023-1901 | MEDIUM | HCI send_sync Dangling Semaphore Reference Re-use | 0.5%