CWE-141
8 CVEs classified under CWE-141. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-28815 | Critical | 9.8 | 2025-10-17 | Some versions of Hikvision's iSecure Center Product contain insufficient parameter validation, resulting in a command injection vulnerability. Attackers may ex… |
CVE-2022-41665 | Critical | 9.8 | 2022-10-11 | A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P8… |
CVE-2022-29873 | Critical | 9.8 | 2022-05-20 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of certain GET and POST requests. Th… |
CVE-2020-7868 | Critical | 9.6 | 2021-06-29 | A remote code execution vulnerability exists in helpUS(remote administration tool) due to improper validation of parameter of ShellExecutionExA function used f… |
CVE-2024-0840 | High | 8.8 | 2024-04-29 | The Grandstream UCM Series IP PBX before firmware version 1.0.20.52 is affected by a parameter injection vulnerability in the HTTP interface. A remote and auth… |
CVE-2022-29872 | High | 8.8 | 2022-05-20 | A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of POST requests. This could allow a… |
CVE-2025-31329 | Medium | 6.2 | 2025-05-13 | SAP NetWeaver is vulnerable to an Information Disclosure vulnerability caused by the injection of malicious instructions into user configuration settings. An a… |
CVE-2025-20338 | Medium | 6.0 | 2025-09-24 | A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands a… |