Weaknesses of type CWE-749
163 resultsCVE-2023-39226CRITICALDelta Electronics InfraSuite Device Master Exposed Dangerous Method Or FunctionEPSS 1.2%CVE-2026-30957CRITICALOneUptime Synthetic Monitor RCE via exposed Playwright browser objectEPSS 1.2%CVE-2023-40151CRITICALRed Lion Controls Sixnet RTU Exposed Dangerous Method Or FunctionEPSS 1.1%CVE-2023-51584HIGHVoltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution VulnerabilityEPSS 1.1%CVE-2023-50424CRITICALEscalation of Privileges in SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go)EPSS 1.1%CVE-2023-50423CRITICALEscalation of Privileges in SAP BTP Security Services Integration Library ([Python] cloud-pysec)EPSS 1.1%CVE-2023-49583CRITICALEscalation of Privileges in SAP BTP Security Services Integration Library ([Node.js] @sap/xssec)EPSS 1.1%CVE-2025-59403CRITICALThe Flock Safety Android Collins application (aka com.flocksafety.android.collins) 6.35.31 for Android lacks authentication. It is responsibEPSS 1.0%CVE-2023-40150CRITICALSoftneta MedDream PACS Exposed Dangerous Method or FunctionEPSS 1.0%CVE-2023-3656CRITICALUnauthenticated Remote Code ExecutionEPSS 1.0%CVE-2023-42032HIGHVisualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure VulnerabilityEPSS 0.9%CVE-2022-4136HIGHExposed Dangerous Method or Function in qmpaas/leadshopEPSS 0.9%CVE-2026-22208CRITICALOpenS100 Portrayal Engine Unrestricted Lua Standard Library AccessEPSS 0.9%CVE-2021-35243MEDIUMHTTP PUT & DELETE Methods EnabledEPSS 0.9%CVE-2019-5015CRITICALA local privilege escalation vulnerability exists in the Mac OS X version of Pixar Renderman 22.3.0's Install Helper helper tool. A user witEPSS 0.9%CVE-2025-9611HIGHMicrosoft Playwright MCP Server < 0.0.40 DNS Rebinding via Missing Origin Header ValidationEPSS 0.8%CVE-2024-25675CRITICALAn issue was discovered in MISP before 2.4.184. A client does not need to use POST to start an export generation process. This is related toEPSS 0.8%CVE-2023-39214HIGHExposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via netwoEPSS 0.8%CVE-2020-2503CRITICALStored cross-site scripting vulnerability in QESEPSS 0.8%CVE-2023-5389CRITICAL
An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUEPSS 0.8%