CWE-232
11 CVEs classified under CWE-232. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-20192 | High | 7.7 | 2025-05-07 | A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a… |
CVE-2025-40775 | High | 7.5 | 2025-05-21 | When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm f… |
CVE-2023-39915 | High | 7.5 | 2023-09-13 | NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input chec… |
CVE-2023-39914 | High | 7.5 | 2023-09-13 | NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This… |
CVE-2023-2968 | High | 7.5 | 2023-05-30 | A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable rais… |
CVE-2025-20314 | Medium | 6.7 | 2025-09-24 | A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical acc… |
CVE-2026-21689 | Medium | 6.5 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
CVE-2023-36848 | Medium | 6.5 | 2023-07-14 | An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(except MPC10… |
CVE-2022-22213 | Medium | 5.9 | 2022-07-20 | A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an una… |
CVE-2021-34705 | Medium | 5.3 | 2021-09-23 | A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote a… |
CVE-2021-3718 | Medium | 4.3 | 2021-11-12 | A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BI… |