Weaknesses of type CWE-242
10 resultsCVE-2017-1002157—modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.EPSS 2.8%CVE-2017-0904—The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-depenEPSS 2.4%CVE-2022-36310—Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker EPSS 1.3%CVE-2021-42543HIGHAzeoTech DAQFactoryEPSS 0.8%CVE-2024-52324CRITICALRuijie Reyee OS Use of Inherently Dangerous FunctionEPSS 0.7%CVE-2021-40698HIGHColdFusion Use of Inherently Dangerous Function Leads To Security feature bypass EPSS 0.5%CVE-2025-49215HIGHA post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges oEPSS 0.3%CVE-2026-6477HIGHPostgreSQL libpq lo_* functions let server superuser overwrite client stack memoryEPSS 0.3%CVE-2025-1331HIGHIBM CICS TX code executionEPSS 0.2%CVE-2025-1994HIGHIBM Cognos Command Center code executionEPSS 0.1%