Weaknesses of type CWE-693
556 resultsCVE-2022-48219MEDIUMPotential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusioEPSS 0.3%CVE-2022-46329HIGHProtection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation ofEPSS 0.3%CVE-2025-48534HIGHIn getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of privilege due to a logic error in the code. ThisEPSS 0.3%CVE-2026-50564CRITICALFission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escapeEPSS 0.3%CVE-2025-64763LOWEnvoy forwards early CONNECT data in TCP proxy modeEPSS 0.3%CVE-2024-46976MEDIUMCircumvention of cross site scripting Protection in @backstage/plugin-techdocs-backendEPSS 0.3%CVE-2026-44646MEDIUMLiquidJS: `{% render %}` tag silently bypasses per-render `ownPropertyOnly:true` via `Context.spawn()`EPSS 0.3%CVE-2026-43660HIGHA validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS EPSS 0.3%CVE-2020-7277MEDIUMMcAfee processes not protectedEPSS 0.3%CVE-2026-26994MEDIUMuTLS ServerHellos are accepted without checking TLS 1.3 downgrade canariesEPSS 0.3%CVE-2026-47135HIGHvm2: Sandbox escape via unblocked cross-realm Symbol.for keys + missing bridge write-trap symbol checksEPSS 0.3%CVE-2026-45102CRITICALOneUptime: RCE due to Node.js' vm module escape via error objects and infinite recursionEPSS 0.3%CVE-2024-44122HIGHA logic issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7.1, macOS EPSS 0.3%CVE-2026-39421MEDIUMMaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotectEPSS 0.3%CVE-2025-49193MEDIUMMissing HTTP Security HeadersEPSS 0.3%CVE-2024-39836MEDIUMMunged email address used for password resets and notificationsEPSS 0.3%CVE-2026-5903MEDIUMPolicy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific EPSS 0.3%CVE-2026-47676MEDIUMHono: app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded pathsEPSS 0.3%CVE-2020-7320MEDIUMProtection Mechanism Failure in ENS for WindowsEPSS 0.3%CVE-2023-0002MEDIUMCortex XDR Agent: Product Disruption by Local Windows UserEPSS 0.3%