CWE-475
12 CVEs classified under CWE-475. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-42009 | High | 7.5 | 2026-05-18 | A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator fu… |
CVE-2025-47865 | High | 7.5 | 2025-06-17 | A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote code execution on affec… |
CVE-2024-10569 | High | 7.5 | 2025-03-20 | A vulnerability in the dataframe component of gradio-app/gradio (version git 98cbcae) allows for a zip bomb attack. The component uses pd.read_csv to process i… |
CVE-2024-20380 | High | 7.5 | 2024-04-18 | A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device… |
CVE-2020-7925 | High | 7.5 | 2020-11-23 | Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated attacker to use a specially craf… |
CVE-2026-21690 | Medium | 6.3 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
CVE-2022-29207 | Medium | 5.5 | 2022-05-20 | TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager… |
CVE-2024-3099 | Medium | 5.4 | 2024-06-06 | A vulnerability in mlflow/mlflow version 2.11.1 allows attackers to create multiple models with the same name by exploiting URL encoding. This flaw can lead to… |
CVE-2025-47866 | Medium | 4.3 | 2025-06-17 | An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affe… |
CVE-2023-4874 | Medium | 4.3 | 2023-09-09 | Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12 |
CVE-2023-4875 | Low | 2.2 | 2023-09-09 | Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12 |
CVE-2023-2253 | | 2023-06-06 | A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (quer… |