Weaknesses of type CWE-807
78 resultsCVE-2019-25711MEDIUMSpotFTP Password Recover 2.4.2 Denial of Service via Name FieldEPSS 0.2%CVE-2026-41299HIGHOpenClaw < 2026.3.28 - Client Identity Spoofing in chat.send Gateway Provenance GuardEPSS 0.2%CVE-2025-55735MEDIUMflaskBlog Stored XSS VulnerabilityEPSS 0.2%CVE-2019-25544MEDIUMPidgin 2.13.0 Denial of Service via Malformed UsernameEPSS 0.2%CVE-2019-25621MEDIUMPixel Studio 2.17 Denial of Service via Malformed InputEPSS 0.2%CVE-2023-0009HIGHGlobalProtect App: Local Privilege Escalation (PE) VulnerabilityEPSS 0.2%CVE-2024-28824HIGHPrivilege escalation in mk_informix pluginEPSS 0.2%CVE-2024-28829MEDIUMPrivilege escalation in mk_informix pluginEPSS 0.2%CVE-2026-53860LOWOpenClaw < 2026.5.7 - Sender Policy Bypass via Mutable Conversation Identifiers in BlueBubblesEPSS 0.2%CVE-2026-12058MEDIUMThe connection confirmation pop-up of a specific feature in the PcSuite can be bypassed.EPSS 0.2%CVE-2025-0117HIGHGlobalProtect App: Local Privilege Escalation (PE) VulnerabilityEPSS 0.1%CVE-2024-55354HIGHLucee before 5.4.7.3 LTS and 6 before 6.1.1.118, when an attacker can place files on the server, is vulnerable to a protection mechanism faiEPSS 0.1%CVE-2019-25594MEDIUMASPRunner.NET 10.1 Denial of Service via Table Name FieldEPSS 0.1%CVE-2026-48980MEDIUMpam_usb: getenv() used in PAM context allows environment variable injection into local-check logicEPSS 0.1%CVE-2025-53882MEDIUMThe logrotate configuration in the python-mailman of openSUSE allows the mailman user to sent SIGHUP to arbitrary proceessEPSS 0.1%CVE-2026-25931HIGHvscode-spell-checker has a workspace-trust bypass Code ExecutionEPSS 0.1%CVE-2026-41380HIGHOpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wrapper Carrier ExecutablesEPSS 0.1%CVE-2026-41390HIGHOpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistered /usr/bin/script WrapperEPSS 0.1%