Weaknesses of type CWE-653

54 results
CVE | Severity | Description | EPSS
CVE-2025-4083 | CRITICAL | Process isolation bypass using "javascript:" URI links in cross-origin frames | EPSS 0.4%
CVE-2024-23683 | HIGH | Artemis Java Test Sandbox InvocationTargetException Subclass Escape | EPSS 0.4%
CVE-2024-23682 | HIGH | Artemis Java Test Sandbox Class Loading Escape | EPSS 0.4%
CVE-2025-3086 | MEDIUM | User in anonymous role could create and delete views | EPSS 0.3%
CVE-2024-57723 | MEDIUM | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component composition_source_over. | EPSS 0.3%
CVE-2024-57720 | MEDIUM | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend. | EPSS 0.3%
CVE-2024-57721 | MEDIUM | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_path_add_path. | EPSS 0.3%
CVE-2023-29580 | MEDIUM | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c. | EPSS 0.3%
CVE-2025-5476 | MEDIUM | Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability | EPSS 0.3%
CVE-2024-0137 | MEDIUM | NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code | EPSS 0.3%
CVE-2025-12695 | MEDIUM | Insecure configuration in DSPy lead to arbitrary file read when running untrusted code inside the sandbox | EPSS 0.3%
CVE-2025-26393 | MEDIUM | SolarWinds Service Desk Broken Access Control Vulnerability | EPSS 0.3%
CVE-2024-30388 | HIGH | Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps | EPSS 0.3%
CVE-2026-34775 | MEDIUM | Electron: nodeIntegrationInWorker not correctly scoped in shared renderer processes | EPSS 0.3%
CVE-2025-46215 | MEDIUM | An Improper Isolation or Compartmentalization vulnerability [CWE-653] in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 throu | EPSS 0.3%
CVE-2025-34201 | HIGH | Vasion Print (formerly PrinterLogic) Lack of Network Segmentation Between Docker Instances | EPSS 0.3%
CVE-2026-5600 | MEDIUM | A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns all check- | EPSS 0.3%
CVE-2026-41174 | MEDIUM | Traefik Kubernetes CRD allows unauthorized cross-namespace middleware binding | EPSS 0.3%
CVE-2024-5801 | MEDIUM | IP Forwarding enabled in B&R Automation Runtime | EPSS 0.3%
CVE-2026-4325 | MEDIUM | Keycloak: keycloak: replay of action tokens via improper handling of single-use entries | EPSS 0.3%