CVEs classified under CWE-244, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2026-20039 — CVSS 8.6 (high): A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat…
CVE-2025-26305 — CVSS 8.2 (high): A memory leak has been identified in the parseSWF_SOUNDINFO function in util/parser.c of libming v0.4.8, which allows attackers to cause a…
CVE-2025-26304 — CVSS 8.2 (high): A memory leak has been identified in the parseSWF_EXPORTASSETS function in util/parser.c of libming v0.4.8.
CVE-2025-70873 — CVSS 7.5 (high): An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to…
CVE-2025-36118 — CVSS 7.5 (high): IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device…
CVE-2025-5105 — CVSS 7.3 (high): A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified as critical. Affected by this issue is some unknown functionality of…
CVE-2025-45663 — CVSS 6.5 (medium): An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.
CVE-2025-36083 — CVSS 6.2 (medium): IBM Concert Software 1.0.0 through 2.0.0 could allow a local user to obtain sensitive information from buffers due to improper clearing of…
CVE-2025-33101 — CVSS 5.9 (medium): IBM Concert 1.0.0 through 2.1.0 could allow an attacker to obtain sensitive information using man in the middle techniques due to improper…
CVE-2025-1722 — CVSS 5.9 (medium): IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper…
CVE-2025-1719 — CVSS 5.9 (medium): IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper…
CVE-2025-1721 — CVSS 5.9 (medium): IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper…
CVE-2022-20943 — CVSS 5.8 (medium): Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products…
CVE-2022-20922 — CVSS 5.8 (medium): Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products…
CVE-2023-20070 — CVSS 4.0 (medium): A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote…
CVE-2023-20031 — CVSS 4.0 (medium): A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD)…
CVE-2023-20177 — CVSS 4.0 (medium): A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS…