Weaknesses of type CWE-1286
80 resultsCVE-2025-24346HIGHA vulnerability in the “Proxy” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to maEPSS 0.4%CVE-2025-11573HIGHDenial of Service issue in Amazon.IonDotnetEPSS 0.4%CVE-2024-6173MEDIUM51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowEPSS 0.4%CVE-2025-8873HIGHArista EOS Dataplane Denial of Service via Malformed IPsec PacketEPSS 0.4%CVE-2025-20644MEDIUMIn Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has coEPSS 0.4%CVE-2026-21917HIGHJunos OS: SRX Series: Specifically malformed SSL packet causes FPC crashEPSS 0.4%CVE-2026-0663MEDIUMDenial of Service condition in M-Files ServerEPSS 0.4%CVE-2022-22176HIGHJunos OS: In a scenario with dhcp-security and option-82 configured jdhcpd crashes upon receipt of a malformed DHCP packetEPSS 0.4%CVE-2026-6442HIGHImproper Command Detection Logic Allows RCE in Cortex Code Command-Line InterfaceEPSS 0.4%CVE-2026-33778HIGHJunos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashesEPSS 0.3%CVE-2025-30415HIGHDenial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (LinuxEPSS 0.3%CVE-2026-40198HIGHNet::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypassEPSS 0.3%CVE-2025-46419MEDIUMWestermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet.EPSS 0.3%CVE-2024-6284MEDIUMImproper IPv4 and IPv6 byte order storage in github.com/google/nftablesEPSS 0.3%CVE-2025-24345MEDIUMA vulnerability in the “Hosts” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to mEPSS 0.3%CVE-2026-20114MEDIUMA vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to eEPSS 0.3%CVE-2020-16220—Philips Patient Monitoring Devices Improper Validation of Syntactic Correctness of InputEPSS 0.3%CVE-2025-36262MEDIUMIBM Planning Analytics Local information disclosureEPSS 0.3%CVE-2026-50131HIGHFedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 rangesEPSS 0.3%CVE-2023-44204MEDIUMJunos OS and Junos OS Evolved: The rpd will crash upon receiving a malformed BGP UPDATE messageEPSS 0.3%