CVEs classified under CWE-232, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2025-20192 — CVSS 7.7 (high): A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote…
CVE-2025-40775 — CVSS 7.5 (high): When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value…
CVE-2023-39915 — CVSS 7.5 (high): NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to…
CVE-2023-39914 — CVSS 7.5 (high): NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data…
CVE-2023-2968 — CVSS 7.5 (high): A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the…
CVE-2025-20314 — CVSS 6.7 (medium): A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated…
CVE-2023-36848 — CVSS 6.5 (medium): An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX…
CVE-2022-22213 — CVSS 5.9 (medium): A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS…
CVE-2021-34705 — CVSS 5.3 (medium): A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an…
CVE-2021-3718 — CVSS 4.3 (medium): A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics…