Weaknesses of type CWE-684
27 resultsCVE-2023-5363HIGHIncorrect cipher key & IV length processingEPSS 3.3%CVE-2025-47227HIGHIn the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is mishandleEPSS 2.0%CVE-2020-11054LOWIncorrect Provision of Specified Functionality in qutebrowserEPSS 1.3%CVE-2026-34478MEDIUMApache Log4j Core: Log injection in Rfc5424Layout due to silent configuration incompatibilityEPSS 0.8%CVE-2023-24845CRITICALA vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC,EPSS 0.6%CVE-2024-50357CRITICALFutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial (factory EPSS 0.5%CVE-2024-6425CRITICALIncorrect Provision of Specified Functionality vulnerability in MESbookEPSS 0.5%CVE-2023-4258HIGHbt: mesh: vulnerability in provisioning protocol implementation on provisionee sideEPSS 0.5%CVE-2026-44597LOWTor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011.EPSS 0.4%CVE-2024-5005MEDIUMIncorrect Provision of Specified Functionality in GitLabEPSS 0.4%CVE-2026-40684MEDIUMIn Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is presEPSS 0.4%CVE-2024-6502MEDIUMIncorrect Provision of Specified Functionality in GitLabEPSS 0.3%CVE-2026-40685MEDIUMIn Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in EPSS 0.3%CVE-2025-54568LOWAkamai Rate Control alpha before 2025 allows attackers to send requests above the stipulated thresholds because the rate is measured separatEPSS 0.3%CVE-2025-66384HIGHapp/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmp_name.EPSS 0.3%CVE-2025-58325HIGHAn Incorrect Provision of Specified Functionality vulnerability [CWE-684] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0EPSS 0.3%CVE-2024-8974LOWIncorrect Provision of Specified Functionality in GitLabEPSS 0.3%CVE-2026-30791HIGHRustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic ValidationEPSS 0.2%CVE-2024-20317HIGHCisco IOS XR Software Layer 2 Services Denial of Service VulnerabilityEPSS 0.2%CVE-2025-54567MEDIUMhw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.EPSS 0.2%