CWE-86
9 CVEs classified under CWE-86. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-31126 | Critical | 9.1 | 2023-05-09 | `org.xwiki.commons:xwiki-commons-xml` is an XML library used by the open-source wiki platform XWiki. The HTML sanitizer, introduced in version 14.6-rc-1, allow… |
CVE-2024-21864 | High | 7.8 | 2024-05-16 | Improper neutralization in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.5081 may allow an unauthenticated user to potentially e… |
CVE-2021-33158 | High | 7.2 | 2024-05-16 | Improper neutralization in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentia… |
CVE-2025-20168 | Medium | 5.4 | 2025-01-08 | A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to condu… |
CVE-2025-20167 | Medium | 5.4 | 2025-01-08 | A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to condu… |
CVE-2025-20166 | Medium | 5.4 | 2025-01-08 | A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to condu… |
CVE-2026-28417 | Medium | 4.4 | 2026-02-27 | Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled… |
CVE-2023-22840 | Low | 3.3 | 2023-08-11 | Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of… |
CVE-2025-66606 | | 2026-02-09 | A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper… |