CWE-228
16 CVEs classified under CWE-228. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-20125 | High | 7.7 | 2026-03-25 | A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an… |
CVE-2026-42100 | High | 7.5 | 2026-05-19 | Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service (DoS) attack to be executed by sending an specially cra… |
CVE-2026-34232 | High | 7.5 | 2026-04-17 | Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function does not handl… |
CVE-2024-21612 | High | 7.5 | 2024-01-12 | An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol (OFP) service of Juniper Networks Junos OS Evolved allow… |
CVE-2021-38443 | Medium | 6.6 | 2022-05-05 | Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser. |
CVE-2025-59174 | Medium | 6.5 | 2026-06-05 | Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may… |
CVE-2018-5381 | Medium | 6.5 | 2018-02-19 | The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_par… |
CVE-2024-6382 | Medium | 6.4 | 2024-07-02 | Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application be… |
CVE-2024-55594 | Medium | 5.5 | 2025-03-14 | An improper handling of syntactically invalid structure in Fortinet FortiWeb at least vesrions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7… |
CVE-2023-42784 | Medium | 5.5 | 2025-03-11 | An improper handling of syntactically invalid structure in Fortinet FortiWeb at least verions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7… |
CVE-2024-53828 | Medium | 5.3 | 2026-04-01 | Ericsson Packet Core Controller (PCC) versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may… |
CVE-2021-36199 | Medium | 5.3 | 2022-01-14 | Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop. |
CVE-2025-2529 | Low | 2.9 | 2025-10-15 | Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from… |
CVE-2025-47736 | Low | 2.9 | 2025-05-09 | dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8. |
CVE-2026-25657 | | 2026-06-05 | Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an atta… | |
CVE-2020-27847 | | 2021-05-28 | A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to by… |