CVEs classified under CWE-241, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (24)
CVE-2021-40116 — CVSS 8.6 (high): Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a…
CVE-2022-39064 — CVSS 8.1 (high): An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink, and if they replay (i.e. resend) the…
CVE-2025-63548 — CVSS 7.5 (high): An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a packet specially crafted to…
CVE-2025-2268 — CVSS 7.5 (high): The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is…
CVE-2022-3029 — CVSS 7.5 (high): In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files that…
CVE-2022-24668 — CVSS 7.5 (high): A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This…
CVE-2026-47110 — CVSS 6.5 (medium): Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of…
CVE-2024-0151 — CVSS 6.5 (medium): Insufficient argument checking in Secure state Entry functions in software using Cortex-M Security Extensions (CMSE), that has been…
CVE-2022-39065 — CVSS 6.5 (medium): A single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI gateway unresponsive, such that connected lighting cannot be controlled…
CVE-2022-22219 — CVSS 5.9 (medium): Due to the Improper Handling of an Unexpected Data Type in the processing of EVPN routes on Juniper Networks Junos OS and Junos OS Evolved…
CVE-2023-28961 — CVSS 5.8 (medium): An Improper Handling of Unexpected Data Type vulnerability in IPv6 firewall filter processing of Juniper Networks Junos OS on the ACX…
CVE-2025-66550 — CVSS 5.7 (medium): Nextcloud Calendar is a calendar app for Nextcloud. Prior to 4.7.17 and 5.2.4, when a malicious user creates a calendar event with a…
CVE-2022-22193 — CVSS 5.5 (medium): An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS…
CVE-2025-1004 — CVSS 5.3 (medium): Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer via IPP…
CVE-2024-9423 — CVSS 5.3 (medium): Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer…
CVE-2024-25966 — CVSS 5.3 (medium): Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected data type vulnerability. A remote…
CVE-2024-21935 — CVSS 5.0 (medium): Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to manipulate Redfish® API…
CVE-2024-21927 — CVSS 5.0 (medium): Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters…
CVE-2021-0243 — CVSS 4.7 (medium): Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to…
CVE-2024-37316 — CVSS 4.6 (medium): Nextcloud Calendar is a calendar app for Nextcloud. Authenticated users could create an event with manipulated attachment data leading to a…
CVE-2022-20730 — CVSS 4.0 (medium): A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated…
CVE-2021-32655 — CVSS 3.5 (low): Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.11, 20.0.10, and 21.0.2, an attacker is able…
CVE-2025-7339 — CVSS 3.4 (low): on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `<1.1.0` may result in…
CVE-2024-32268 — CVSS 3.3 (low): An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network…