Weaknesses of type CWE-345
369 resultsCVE-2024-33687HIGHInsufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a useEPSS 0.2%CVE-2023-3028HIGHImproper backend communication allows access and manipulation of the telemetry dataEPSS 0.2%CVE-2025-24807MEDIUMFast DDS does not verify Permissions CAEPSS 0.2%CVE-2026-43534CRITICALOpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook EventsEPSS 0.2%CVE-2026-32029MEDIUMOpenClaw < 2026.2.21 - Client IP Spoofing via X-Forwarded-For Header ParsingEPSS 0.2%CVE-2024-5684MEDIUMID Charger Connect & Pro - JWT-Null-AlgorithmEPSS 0.2%CVE-2026-56073CRITICALCap-go - OTP Bypass via Response Manipulation in Email VerificationEPSS 0.2%CVE-2026-3446MEDIUMBase64 decoding stops at first padded quad by defaultEPSS 0.2%CVE-2024-25584MEDIUMDovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to cEPSS 0.2%CVE-2026-34061MEDIUMnimiq/core-rs-albatross: Macro block proposal interlink bugEPSS 0.2%CVE-2024-47079MEDIUMUnauthorized usage of remote hardware module because of missing channel verificationEPSS 0.2%CVE-2026-6498MEDIUMFive Star Restaurant Reservations <= 2.7.16 - Unauthenticated Payment Bypass via PHP Type Juggling in 'payment_id' ParameterEPSS 0.2%CVE-2024-7847HIGHRSLogix™ 5 and RSLogix 500® Remote Code Execution Via VBA Embedded ScriptEPSS 0.2%CVE-2024-48916HIGHCeph is vulnerable to authentication bypass through RadosGWEPSS 0.2%CVE-2023-52546HIGHVulnerability of package name verification being bypassed in the Calendar app.
Impact: Successful exploitation of this vulnerability may affEPSS 0.2%CVE-2026-32231HIGHZeptoClaw: Generic webhook channel trusts caller-supplied identity fields; allowlist is checked against untrusted payload dataEPSS 0.2%CVE-2025-15598MEDIUMDataease SQLBot JWT Token auth.py validateEmbedded signature verificationEPSS 0.2%CVE-2019-16000MEDIUMCisco Umbrella Roaming Client for Windows Install VulnerabilityEPSS 0.2%CVE-2021-41203HIGHMissing validation during checkpoint loadingEPSS 0.2%CVE-2026-33143HIGHOneUptime: WhatsApp Webhook Missing Signature VerificationEPSS 0.2%