CWE-789
159 CVEs classified under CWE-789.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2023-24201 | Critical | 9.8 | 2023-02-06 | Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at get_ticket.php. |
| CVE-2026-27809 | Critical | 9.1 | 2026-02-26 | psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data… |
| CVE-2023-43632 | Critical | 9.0 | 2023-09-21 | As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the cli… |
| CVE-2022-36078 | High | 8.8 | 2022-09-02 | Binary provides encoding/decoding in Borsh and other formats. The vulnerability is a memory allocation vulnerability that can be exploited to allocate slices i… |
| CVE-2021-34869 | High | 8.8 | 2022-01-25 | This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the… |
| CVE-2021-34868 | High | 8.8 | 2022-01-25 | This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the… |
| CVE-2025-62600 | High | 8.6 | 2026-02-03 | eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4… |
| CVE-2025-62599 | High | 8.6 | 2026-02-03 | eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4… |
| CVE-2024-20260 | High | 8.6 | 2024-10-23 | A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance (ASAv) and Cisco Secure Firewall Threat Defense Virtual… |
| CVE-2020-24685 | High | 8.6 | 2021-02-09 | An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service (DoS) vulnerability. Vulnerability allows attac… |
| CVE-2021-34867 | High | 8.2 | 2022-01-25 | This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the… |
| CVE-2021-34854 | High | 7.8 | 2021-10-25 | This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain t… |
| CVE-2026-20048 | High | 7.7 | 2026-02-25 | A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an authenticated… |
| CVE-2026-53917 | High | 7.5 | 2026-06-30 | Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenti… |
| CVE-2026-53916 | High | 7.5 | 2026-06-30 | Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that open… |
| CVE-2026-50734 | High | 7.5 | 2026-06-30 | Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker… |
| CVE-2026-48502 | High | 7.5 | 2026-06-22 | MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.ReadDateTime() can allocate stack memory based on an attac… |
| CVE-2026-10142 | High | 7.5 | 2026-06-10 | kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker… |
| CVE-2026-49975 | High | 7.5 | 2026-06-08 | Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue… |
| CVE-2026-9538 | High | 7.5 | 2026-05-26 | Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. _read_tar() reads each entry's payl… |