CWE-372
8 CVEs classified under CWE-372. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2023-31127 | Critical | 9.1 | 2023-05-08 | libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prio… |
| CVE-2023-4012 | High | 7.5 | 2023-08-07 | ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3). |
| CVE-2026-41388 | Medium | 6.5 | 2026-04-28 | OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers ca… |
| CVE-2026-41340 | Medium | 6.5 | 2026-04-23 | OpenClaw before 2026.3.31 contains an authentication boundary vulnerability where Telegram legacy allowFrom migration incorrectly fans default-account trust in… |
| CVE-2026-41300 | Medium | 6.5 | 2026-04-20 | OpenClaw before 2026.3.31 contains a trust-decline vulnerability that preserves attacker-discovered endpoints in remote onboarding flows. Attackers can route g… |
| CVE-2023-36834 | Medium | 6.5 | 2023-07-14 | An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allow… |
| CVE-2021-25735 | Medium | 6.5 | 2021-09-06 | A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vu… |
| CVE-2020-27222 | | | 2021-02-03 | In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to… |