CVEs classified under CWE-226, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2025-0647 — CVSS 7.9 (high): In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to…
CVE-2019-25560 — CVSS 7.5 (high): Lyric Video Creator 2.1 contains a denial of service vulnerability that allows attackers to crash the application by processing malformed…
CVE-2023-41138 — CVSS 7.5 (high): The AppsAnywhere macOS client-privileged helper can be tricked into executing arbitrary commands with elevated permissions by a local user…
CVE-2026-5795 — CVSS 7.4 (high): In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upon returning from…
CVE-2026-32960 — CVSS 6.5 (medium): SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before…
CVE-2025-2522 — CVSS 6.5 (medium): The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource vulnerability in the component Control Data…
CVE-2025-11602: Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of…
CVE-2019-25645 — CVSS 6.2 (medium): WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by…
CVE-2019-25617 — CVSS 6.2 (medium): Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the…
CVE-2019-25571 — CVSS 6.2 (medium): MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially…
CVE-2019-25563 — CVSS 6.2 (medium): PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying a…
CVE-2019-25553 — CVSS 6.2 (medium): CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a…
CVE-2024-21850 — CVSS 6.0 (medium): Sensitive information in resource not removed before reuse in some Intel(R) TDX Seamldr module software before version 1.5.02.00 may allow…
CVE-2019-25657 — CVSS 5.5 (medium): AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively…
CVE-2025-13108 — CVSS 5.5 (medium): IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an attacker to access sensitive information in memory due to the…
CVE-2025-14858: The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware…
CVE-2020-27218 — CVSS 4.8 (medium): In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request…
CVE-2025-33196 — CVSS 4.4 (medium): NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful…
CVE-2025-20622 — CVSS 3.8 (low): Sensitive information uncleared in resource before release for reuse for some Intel(R) NPU Drivers for Windows before version 32.0.100.4023…
CVE-2024-7883 — CVSS 3.7 (low): When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers…
CVE-2025-33198 — CVSS 3.3 (low): NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful…
CVE-2025-33200 — CVSS 2.3 (low): NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful…