CWE-1104
18 CVEs classified under CWE-1104. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-10220 | Critical | 9.8 | 2025-09-10 | Use of Unmaintained Third Party Components (CWE-1104) in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a rem… |
CVE-2024-11999 | High | 8.8 | 2024-12-17 | CWE-1104: Use of Unmaintained Third-Party Components vulnerability exists that could cause complete control of the device when an authenticated user installs m… |
CVE-2024-8885 | High | 8.8 | 2024-10-02 | A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary file… |
CVE-2026-41468 | High | 8.7 | 2026-04-22 | Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with template injection… |
CVE-2025-3497 | High | 8.7 | 2025-07-09 | The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on June 30, 2024. Thus… |
CVE-2026-21821 | High | 8.3 | 2026-05-13 | The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longe… |
CVE-2025-20010 | High | 7.8 | 2025-11-11 | Use of unmaintained third party components for some Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow… |
CVE-2024-35252 | High | 7.5 | 2024-06-11 | Azure Storage Movement Client Library Denial of Service Vulnerability |
CVE-2025-48862 | High | 7.1 | 2025-08-14 | Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set… |
CVE-2021-22142 | Medium | 6.6 | 2023-11-22 | Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to… |
CVE-2024-21631 | Medium | 6.5 | 2024-01-03 | Vapor is an HTTP web framework for Swift. Prior to version 4.90.0, Vapor's `vapor_urlparser_parse` function uses `uint16_t` indexes when parsing a URI's compon… |
CVE-2025-52658 | Low | 3.5 | 2025-10-03 | HCL MyXalytics is affected by the use of vulnerable/outdated versions which can expose the application to known security risks that could be exploited. |
CVE-2025-55277 | Low | 2.6 | 2026-03-26 | HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the… |
CVE-2025-12104 | | 2025-10-23 | Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | |
CVE-2025-34193 | | 2025-09-19 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client compo… | |
CVE-2025-34192 | | 2025-09-19 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployme… | |
CVE-2025-40906 | | 2025-05-16 | BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities. Those include CVE-2017-14227, CVE-2018-16790… | |
CVE-2023-7102 | | 2023-12-24 | Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected… |