CVEs classified under CWE-230, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2024-11024 — CVSS 9.8 (critical): The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up…
CVE-2024-10508 — CVSS 9.8 (critical): The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege…
CVE-2026-20086 — CVSS 8.6 (high): A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless…
CVE-2024-9781 — CVSS 7.8 (high): AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted…
CVE-2024-0048 — CVSS 7.8 (high): In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of…
CVE-2024-0208 — CVSS 7.8 (high): GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted…
CVE-2026-25659 — CVSS 6.5 (medium): Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an…
CVE-2026-25658 — CVSS 6.5 (medium): Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an…
CVE-2026-1461 — CVSS 6.5 (medium): The Simple Membership plugin for WordPress is vulnerable to Improper Handling of Missing Values in all versions up to, and including, 4.7.0…
CVE-2025-23225 — CVSS 6.5 (medium): IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to cause a denial of service due to the improper handling of…
CVE-2024-6237 — CVSS 6.5 (medium): A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a…
CVE-2023-1697 — CVSS 6.5 (medium): An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent…