Weaknesses of type CWE-670
95 resultsCVE-2025-32942HIGHSSH Tectia Server before 6.6.6 sometimes allows attackers to read and alter a user's session traffic.EPSS 0.2%CVE-2026-44928LOWIn uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal.EPSS 0.2%CVE-2024-53134MEDIUMpmdomain: imx93-blk-ctrl: correct remove pathEPSS 0.2%CVE-2024-35312MEDIUMIn Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka TROVE-2024-003.EPSS 0.2%CVE-2024-0313MEDIUMA malicious insider exploiting this vulnerability can circumvent existing security controls put in place by the organization. On the contrarEPSS 0.2%CVE-2026-35414MEDIUMOpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with aEPSS 0.2%CVE-2026-40960HIGHLuanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trusted_mods oEPSS 0.2%CVE-2026-12321MEDIUMJIT miscompilation in the JavaScript: WebAssembly componentEPSS 0.2%CVE-2023-20915HIGHIn addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due toEPSS 0.1%CVE-2026-41988LOWuuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUIDEPSS 0.1%CVE-2026-35343LOWuutils coreutils cut Inconsistent Output Suppression with Newline DelimitersEPSS 0.1%CVE-2026-40200HIGHAn issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due toEPSS 0.1%CVE-2025-33199LOWNVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successfuEPSS 0.1%CVE-2026-41527MEDIUMKDE Kleopatra before 26.08.0 on Windows allows local users to obtain the privileges of a Kleopatra user, because there is an error in the meEPSS 0.1%CVE-2022-26461MEDIUMIn vow, there is a possible undefined behavior due to an API misuse. This could lead to local escalation of privilege with System execution EPSS 0.1%