CVEs classified under CWE-141, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-28815 — CVSS 9.8 (critical): Some versions of Hikvision's iSecure Center Product contain insufficient parameter validation, resulting in a command injection…
CVE-2022-41665 — CVSS 9.8 (critical): A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All…
CVE-2022-29873 — CVSS 9.8 (critical): A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of certain GET…
CVE-2020-7868 — CVSS 9.6 (critical): A remote code execution vulnerability exists in helpUS(remote administration tool) due to improper validation of parameter of…
CVE-2024-0840 — CVSS 8.8 (high): The Grandstream UCM Series IP PBX before firmware version 1.0.20.52 is affected by a parameter injection vulnerability in the HTTP…
CVE-2025-31329 — CVSS 6.2 (medium): SAP NetWeaver is vulnerable to an Information Disclosure vulnerability caused by the injection of malicious instructions into user…
CVE-2025-20338 — CVSS 6.0 (medium): A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute…