CWE-242
10 CVEs classified under CWE-242. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-52324 | Critical | 9.8 | 2024-12-06 | Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT m… |
CVE-2026-6477 | High | 8.8 | 2026-05-14 | Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows… |
CVE-2025-49215 | High | 8.8 | 2025-06-17 | A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installa… |
CVE-2017-0904 | High | 8.1 | 2017-11-13 | The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not… |
CVE-2025-1994 | High | 7.8 | 2025-08-26 | IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFo… |
CVE-2025-1331 | High | 7.8 | 2025-05-08 | IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use… |
CVE-2021-42543 | High | 7.8 | 2021-11-05 | The affected application uses specific functions that could be abused through a crafted project file, which could lead to code execution, system reboot, and sy… |
CVE-2021-40698 | High | 7.4 | 2023-09-07 | ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that ca… |
CVE-2022-36310 | | 2022-08-16 | Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abi… | |
CVE-2017-1002157 | | 2019-01-10 | modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution. |