CWE-114 · Process Control
22 CVEs classified under CWE-114 (Process Control). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-36250 | Critical | 10.0 | 2025-11-13 | IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to execute arbitrary c… |
CVE-2024-56346 | Critical | 10.0 | 2025-03-18 | IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls. |
CVE-2025-36251 | Critical | 9.6 | 2025-11-13 | IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to imprope… |
CVE-2024-56347 | Critical | 9.6 | 2025-03-18 | IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could allow a remote attacker to execute arbitrary commands due to improper process controls. |
CVE-2025-1950 | Critical | 9.3 | 2025-04-22 | IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands locally due to improper validation o… |
CVE-2024-32004 | High | 8.2 | 2024-05-14 | Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in s… |
CVE-2020-8107 | High | 8.2 | 2022-02-18 | A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially… |
CVE-2025-0160 | High | 8.1 | 2025-02-28 | IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5… |
CVE-2025-23385 | High | 7.8 | 2025-01-28 | In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7… |
CVE-2023-4487 | High | 7.8 | 2023-09-05 | GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web serve… |
CVE-2020-11075 | High | 7.7 | 2020-05-27 | In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the ancho… |
CVE-2024-8207 | Medium | 6.4 | 2024-08-27 | In certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it may be possible for a uninte… |
CVE-2026-26945 | Medium | 5.3 | 2026-03-18 | Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions prior to 7.20.10.50 and Dell Integrated Dell Remote Ac… |
CVE-2020-11081 | Medium | 5.3 | 2020-07-10 | osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory… |
CVE-2025-46370 | Low | 3.3 | 2025-11-13 | Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Process Control vulnerability. A low privileged attacker with local access cou… |
CVE-2026-29046 | | 2026-03-06 | TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Prior to version 2.04, TinyWeb accepts request header values and later maps them into CGI en… | |
CVE-2022-23748 | | 2022-11-17 | mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In… | |
CVE-2020-6024 | | 2021-01-20 | Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable t… | |
CVE-2020-6014 | | 2020-10-30 | Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL d… | |
CVE-2019-8461 | | 2019-08-29 | Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoin… |