CWE-657
17 CVEs classified under CWE-657. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-39888 | Critical | 10.0 | 2026-04-08 | PraisonAI is a multi-agent teams system. Prior to 1.5.115, execute_code() in praisonaiagents.tools.python_tools defaults to sandbox_mode="sandbox", which runs… |
| CVE-2024-26139 | High | 8.3 | 2024-05-23 | OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security… |
| CVE-2023-29320 | High | 7.8 | 2023-08-10 | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Violation of Secure Design Principles vulnerability… |
| CVE-2019-0061 | High | 7.8 | 2019-10-09 | The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal un… |
| CVE-2021-28583 | High | 7.5 | 2021-06-28 | Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Violation of Secure Design Principles vulnerability i… |
| CVE-2024-57957 | Medium | 6.6 | 2025-02-06 | Vulnerability of improper log information control in the UI framework module. Impact: Successful exploitation of this vulnerability may affect service confident… |
| CVE-2025-24887 | Medium | 6.3 | 2025-04-30 | OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing… |
| CVE-2022-28244 | Medium | 6.3 | 2022-05-11 | Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a violation of secure design pr… |
| CVE-2021-36061 | Medium | 5.4 | 2021-09-01 | Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated att… |
| CVE-2022-30683 | Medium | 5.3 | 2022-09-16 | Adobe Experience Manager versions 6.5.13.0 (and earlier) are affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the sec… |
| CVE-2017-6032 | Medium | 5.3 | 2017-06-30 | A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related w… |
| CVE-2025-54255 | Medium | 4.0 | 2025-09-09 | Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could r… |
| CVE-2021-44714 | Low | 2.5 | 2022-01-14 | Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Pr… |
| CVE-2026-30792 | | | 2026-03-05 | A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config op… |
| CVE-2020-8133 | | | 2020-11-09 | A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file. |
| CVE-2019-15611 | | | 2020-02-04 | Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federat… |
| CVE-2019-5478 | | | 2019-09-03 | A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot… |