Weaknesses of type CWE-184
134 resultsCVE-2018-16863HIGHIt was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypassEPSS 1.2%CVE-2026-25951HIGHFUXA has a Path Traversal Sanitization BypassEPSS 1.2%CVE-2022-32763CRITICALA cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. AEPSS 1.1%CVE-2025-48732HIGHAn incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request EPSS 1.1%CVE-2021-1133MEDIUMCisco Data Center Network Manager REST API VulnerabilitiesEPSS 1.1%CVE-2022-35962HIGHCrafted link in Zulip message can cause disclosure of credentialsEPSS 0.9%CVE-2026-33396CRITICALOneUptime has sandbox escape in Synthetic Monitor Playwright runtime allows project members to execute arbitrary commands on ProbeEPSS 0.8%CVE-2024-51745LOWWasmtime doesn't fully sandbox all the Windows device filenamesEPSS 0.8%CVE-2020-3384HIGHCisco Data Center Network Manager Command Injection VulnerabilityEPSS 0.8%CVE-2025-71323CRITICALpicklescan - Remote Code Execution via Unblocked ctypes ModuleEPSS 0.8%CVE-2026-56315CRITICALpicklescan - Remote Code Execution via Unblocked Standard Library ModulesEPSS 0.8%CVE-2022-23536MEDIUMAlertmanager can expose local files content via specially crafted configEPSS 0.8%CVE-2025-29822HIGHMicrosoft OneNote Security Feature Bypass VulnerabilityEPSS 0.7%CVE-2026-55743CRITICALOpenHuman desktop agent shell tool sandbox bypass leads to arbitrary command executionEPSS 0.7%CVE-2021-1255MEDIUMCisco Data Center Network Manager REST API VulnerabilitiesEPSS 0.7%CVE-2021-1135MEDIUMCisco Data Center Network Manager REST API VulnerabilitiesEPSS 0.6%CVE-2025-71320CRITICALpicklescan - Remote Code Execution via Incomplete Disallowed InputsEPSS 0.6%CVE-2026-54512HIGHjackson-databind: PolymorphicTypeValidator bypass via generic type parameters allows arbitrary class instantiationEPSS 0.6%CVE-2026-54513HIGHjackson-databind: Array subtype allowlist bypass in BasicPolymorphicTypeValidator (allowIfSubTypeIsArray)EPSS 0.6%CVE-2023-3374CRITICALPrivilege Escalation in BookreenEPSS 0.6%