CVEs classified under CWE-1104, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2025-12104 — CVSS 9.8 (critical): Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through…
CVE-2025-34192 — CVSS 9.8 (critical): Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140…
CVE-2025-10220 — CVSS 9.8 (critical): Use of Unmaintained Third Party Components (CWE-1104) in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on…
CVE-2023-7102 — CVSS 9.8 (critical): Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter…
CVE-2024-11999 — CVSS 8.8 (high): CWE-1104: Use of Unmaintained Third-Party Components vulnerability exists that could cause complete control of the device when an…
CVE-2022-46871 — CVSS 8.8 (high): An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.
CVE-2026-41468 — CVSS 8.7 (high): Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with…
CVE-2025-3497 — CVSS 8.7 (high): The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on…
CVE-2026-21821 — CVSS 8.3 (high): The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached…
CVE-2025-20010 — CVSS 7.8 (high): Use of unmaintained third party components for some Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User…
CVE-2023-37524 — CVSS 7.7 (high): HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET…
CVE-2021-22142 — CVSS 6.6 (medium): Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user…
CVE-2025-52658 — CVSS 3.5 (low): HCL MyXalytics is affected by the use of vulnerable/outdated versions which can expose the application to known security risks that could…
CVE-2025-55277 — CVSS 2.6 (low): HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits…