CWE-477
16 CVEs classified under CWE-477. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-49217 | Critical | 9.8 | 2025-06-17 | An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected… |
CVE-2025-49216 | Critical | 9.8 | 2025-06-17 | An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and m… |
CVE-2025-49213 | Critical | 9.8 | 2025-06-17 | An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected… |
CVE-2025-49212 | Critical | 9.8 | 2025-06-17 | An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected… |
CVE-2025-49220 | Critical | 9.8 | 2025-06-17 | An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected i… |
CVE-2025-49219 | Critical | 9.8 | 2025-06-17 | An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could lead to a pre-authentication remote code execution on affected… |
CVE-2025-49214 | High | 8.8 | 2025-06-17 | An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected… |
CVE-2022-1384 | Medium | 4.7 | 2022-04-19 | Mattermost version 6.4.x and earlier fails to properly check the plugin version when a plugin is installed from the Marketplace, which allows an authenticated… |
CVE-2023-28829 | Low | 3.9 | 2023-06-13 | A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions… |
CVE-2026-1693 | | 2026-02-26 | The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue f… | |
CVE-2023-23451 | | 2023-04-19 | The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERN… | |
CVE-2020-6978 | | 2020-03-24 | In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries. | |
CVE-2019-18251 | | 2019-11-25 | In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to… | |
CVE-2019-10988 | | 2019-09-04 | In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000 Ultrasound System is buil… | |
CVE-2019-10968 | | 2019-07-24 | Philips Holter 2010 Plus, all versions. A vulnerability has been identified that may allow system options that were not purchased to be enabled. | |
CVE-2018-17890 | | 2018-10-12 | NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code executi… |