CWE-453
15 CVEs classified under CWE-453. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-30206 | Critical | 9.8 | 2025-04-15 | Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT secret in its de… |
CVE-2021-27426 | Critical | 9.8 | 2022-03-23 | GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing… |
CVE-2025-47945 | Critical | 9.1 | 2025-05-17 | Donetick an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) for authentication, but the sign… |
CVE-2022-47197 | Critical | 9.0 | 2023-01-19 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administr… |
CVE-2022-47196 | Critical | 9.0 | 2023-01-19 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administr… |
CVE-2022-47195 | Critical | 9.0 | 2023-01-19 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administr… |
CVE-2022-47194 | Critical | 9.0 | 2023-01-19 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administr… |
CVE-2024-21411 | High | 8.8 | 2024-03-12 | Skype for Consumer Remote Code Execution Vulnerability |
CVE-2024-49120 | High | 8.1 | 2024-12-10 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
CVE-2023-27516 | High | 7.3 | 2023-10-12 | An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network p… |
CVE-2022-46831 | Medium | 6.6 | 2022-12-08 | In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to… |
CVE-2024-39916 | Medium | 6.4 | 2024-07-12 | FOG is a free open-source cloning/imaging/rescue suite/inventory management system. There is a security issue with the NFS configuration in /etc/exports genera… |
CVE-2026-41330 | Medium | 4.4 | 2026-04-20 | OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy, TLS, Docker, and Gi… |
CVE-2025-61926 | | 2025-10-09 | Allstar is a GitHub App to set and enforce security policies. In versions prior to 4.5, a vulnerability in Allstar’s Reviewbot component caused inbound webhook… | |
CVE-2022-3262 | | 2022-12-08 | A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an a… |