CVEs classified under CWE-459, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2023-36468 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When an XWiki installation is…
CVE-2022-45347 — CVSS 9.8 (critical): Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client…
CVE-2021-45330 — CVSS 9.8 (critical): An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to client side cookies not being deleted and…
CVE-2021-45706 — CVSS 9.8 (critical): An issue was discovered in the zeroize_derive crate before 1.1.1 for Rust. Dropped memory is not zeroed out for an enum.
CVE-2021-32928 — CVSS 9.8 (critical): The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel License Manager” that…
CVE-2020-13451 — CVSS 9.8 (critical): An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice…
CVE-2005-1744 — CVSS 9.8 (critical): BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows…
CVE-2026-34263 — CVSS 9.6 (critical): Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection…
CVE-2025-6338: There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long…
CVE-2024-28265 — CVSS 9.1 (critical): IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\modules\dashboard\controllers\LoginController.php.
CVE-2022-1552 — CVSS 8.8 (high): A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another…
CVE-2020-24489 — CVSS 8.8 (high): Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local…
CVE-2019-25016 — CVSS 8.8 (high): In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule…
CVE-2019-18191 — CVSS 8.8 (high): A privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an…
CVE-2018-18924 — CVSS 8.8 (high): The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by uploading a .shtml file with "#exec cmd"…
CVE-2025-66675 — CVSS 8.2 (high): Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects…
CVE-2025-43711 — CVSS 8.1 (high): Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root (upon the next boot) by…
CVE-2025-66467 — CVSS 8.0 (high): Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned…
CVE-2025-37908 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: mm, slab: clean up slab->obj_exts always When memory allocation…
CVE-2022-45455 — CVSS 7.8 (high): Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office…
CVE-2022-3238 — CVSS 7.8 (high): A double-free flaw was found in the Linux kernel’s NTFS3 subsystem in how a user triggers remount and umount simultaneously. This flaw…
CVE-2020-5987 — CVSS 7.8 (high): NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest…
CVE-2020-0183 — CVSS 7.8 (high): In handleMessage of BluetoothManagerService, there is an incomplete reset. This could lead to local escalation of privilege with no…
CVE-2018-19961 — CVSS 7.8 (high): An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB…
CVE-2018-18281 — CVSS 7.8 (high): Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate()…
CVE-2025-60730 — CVSS 7.6 (high): PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function
CVE-2026-11576 — CVSS 7.5 (high): The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared…
CVE-2026-3304 — CVSS 7.5 (high): Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to…
CVE-2025-64775 — CVSS 7.5 (high): Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects…
CVE-2025-59781 — CVSS 7.5 (high): When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory…
CVE-2025-31650 — CVSS 7.5 (high): Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in…
CVE-2025-2260 — CVSS 7.5 (high): In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause a denial of service by specially…
CVE-2025-0726 — CVSS 7.5 (high): In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause a denial of service by specially…
CVE-2024-38275 — CVSS 7.5 (high): The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could…
CVE-2023-41835 — CVSS 7.5 (high): When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in…
CVE-2023-35945 — CVSS 7.5 (high): Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeeping structures…
CVE-2022-44546 — CVSS 7.5 (high): The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation…
CVE-2022-1473 — CVSS 7.5 (high): The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash…
CVE-2021-37092 — CVSS 7.5 (high): There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability…
CVE-2021-37089 — CVSS 7.5 (high): There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to kernel restart.
CVE-2021-37080 — CVSS 7.5 (high): There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability…
CVE-2020-27888 — CVSS 7.5 (high): An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached…
CVE-2020-0286 — CVSS 7.5 (high): In Bluetooth AVRCP, there is a possible leak of audio metadata due to residual data. This could lead to remote information disclosure with…
CVE-2020-14451 — CVSS 7.5 (high): An issue was discovered in Mattermost Mobile Apps before 1.29.0. The iOS app allowed Single Sign-On cookies and Local Storage to remain…
CVE-2020-12857 — CVSS 7.5 (high): Caching of GATT characteristic values (TempID) in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to long-term re-identify an…
CVE-2019-11514 — CVSS 7.5 (high): User/Command/ConfirmEmailHandler.php in Flarum before 0.1.0-beta.8 mishandles invalidation of user email tokens.
CVE-2017-17090 — CVSS 7.5 (high): An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified…
CVE-2017-0303 — CVSS 7.5 (high): In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and…
CVE-2002-2067 — CVSS 7.5 (high): East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers…