CVEs classified under CWE-1285, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (26)
CVE-2026-33557 — CVSS 9.1 (critical): A possible security vulnerability has been identified in Apache Kafka. By default, the broker property `sasl.oauthbearer.jwt.validator.class…
CVE-2025-3755 — CVSS 9.1 (critical): Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series…
CVE-2026-12681: Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Google go-attestation. parseEfiSignatureList() does…
CVE-2024-36342 — CVSS 8.8 (high): Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code…
CVE-2025-20796 — CVSS 7.8 (high): In imgsys, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if a…
CVE-2025-7849 — CVSS 7.8 (high): A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists in NI LabVIEW that may result in arbitrary…
CVE-2025-7848 — CVSS 7.8 (high): A memory corruption vulnerability due to improper input validation in lvpict.cpp exists in NI LabVIEW that may result in arbitrary code…
CVE-2025-2634 — CVSS 7.8 (high): Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary…
CVE-2025-2633 — CVSS 7.8 (high): Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information…
CVE-2024-23612 — CVSS 7.8 (high): An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to…
CVE-2024-23609 — CVSS 7.8 (high): An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to…
CVE-2026-8036 — CVSS 7.1 (high): Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to…
CVE-2023-36850 — CVSS 6.5 (medium): An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault Management(CFM) module of…
CVE-2019-25625 — CVSS 6.2 (medium): Blob Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed…
CVE-2019-25622 — CVSS 6.2 (medium): Paint Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed…
CVE-2026-9100 — CVSS 5.9 (medium): The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation. Crafted documents…
CVE-2025-2399 — CVSS 5.9 (medium): Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric CNC M800V Series M800VW and…
CVE-2018-25232 — CVSS 5.5 (medium): Softros LAN Messenger 9.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an…
CVE-2019-25593 — CVSS 5.5 (medium): jetCast Server 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an…
CVE-2025-48511 — CVSS 5.5 (medium): Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in…
CVE-2025-48502 — CVSS 5.5 (medium): Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial…
CVE-2025-8291 — CVSS 4.3 (medium): The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be…
CVE-2024-0123 — CVSS 3.3 (low): NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an…
CVE-2023-0859 — CVSS 2.2 (low): Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*)…