CWE-393
8 CVEs classified under CWE-393. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-49117 | High | 8.8 | 2024-12-10 | Windows Hyper-V Remote Code Execution Vulnerability |
CVE-2025-5987 | High | 8.1 | 2025-07-07 | A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detecte… |
CVE-2026-42246 | High | 7.4 | 2026-05-09 | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-mi… |
CVE-2023-37897 | High | 7.2 | 2023-07-18 | Grav is a file-based Web-platform built in PHP. Grav is subject to a server side template injection (SSTI) vulnerability. The fix for another SSTI vulnerabilit… |
CVE-2025-24531 | Medium | 6.7 | 2026-01-16 | In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before… |
CVE-2025-32414 | Medium | 5.6 | 2025-04-08 | In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return val… |
CVE-2020-5401 | Medium | 5.3 | 2020-02-27 | Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to… |
CVE-2026-9058 | | 2026-05-25 | Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskItem/Signature/VerificationResult/Re… |