CWE-1025
9 CVEs classified under CWE-1025. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-25306 | Critical | 9.3 | 2025-03-10 | Misskey is an open source, federated social media platform. The patch for CVE-2024-52591 did not sufficiently validate the relation between the `id` and `url`… |
| CVE-2025-32464 | Medium | 6.8 | 2025-04-09 | HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of… |
| CVE-2026-40227 | Medium | 6.2 | 2026-04-10 | In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element. |
| CVE-2024-20342 | Medium | 5.8 | 2024-10-23 | Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote… |
| CVE-2026-21691 | Medium | 5.4 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
| CVE-2025-27839 | Low | 3.2 | 2025-03-07 | operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that c… |
| CVE-2026-40880 | | | 2026-04-21 | ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and zebra-consensus version 5.0.2, a logic error in Zebra's transaction verificat… |
| CVE-2025-2888 | | | 2025-03-27 | During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, th… |
| CVE-2025-2887 | | | 2025-03-27 | During a target rollback, the client fails to detect the rollback for delegated targets. This could cause the client to fetch a target from an incorrect source… |