CWE-790
12 CVEs classified under CWE-790. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2023-22578 | Critical | 10.0 | 2023-02-16 | Due to improper attribute filtering in the sequelize js library, an attacker can perform SQL injections. |
| CVE-2021-43802 | Critical | 9.9 | 2021-12-09 | Etherpad is a real-time collaborative editor. In versions prior to 1.8.16, an attacker can craft an `*.etherpad` file that, when imported, might allow the atta… |
| CVE-2026-2328 | High | 7.5 | 2026-03-30 | An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resul… |
| CVE-2026-9658 | High | 7.3 | 2026-05-28 | Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffectiv… |
| CVE-2025-0431 | Medium | 5.8 | 2025-03-19 | Enterprise Protection contains a vulnerability in URL rewriting that allows an unauthenticated remote attacker to send an email which bypasses URL protections… |
| CVE-2024-6540 | Medium | 5.7 | 2024-07-15 | Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download… |
| CVE-2024-43443 | Medium | 4.9 | 2024-08-26 | Improper Neutralization of Input done by an attacker with admin privileges ('Cross-site Scripting') in Process Management modules of OTRS and ((OTRS)) Communit… |
| CVE-2024-43442 | Medium | 4.9 | 2024-08-26 | Improper Neutralization of Input done by an attacker with admin privileges ('Cross-site Scripting') in OTRS (System Configuration modules) and ((OTRS)) Commun… |
| CVE-2024-47984 | Medium | 4.4 | 2024-12-13 | Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability. A User with Remote access could potentially exploit this vulnerability… |
| CVE-2025-27260 | | | 2026-03-25 | Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauth… |
| CVE-2025-15576 | | | 2026-03-09 | If two sibling jails are restricted to separate filesystem trees, which is to say that neither of the two jail root directories is an ancestor of the other, ja… |
| CVE-2024-42416 | | | 2024-09-05 | The ctl_report_supported_opcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kerne… |