CVEs classified under CWE-475, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2026-42009 — CVSS 7.5 (high): A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering…
CVE-2025-47865 — CVSS 7.5 (high): A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote…
CVE-2024-10569 — CVSS 7.5 (high): A vulnerability in the dataframe component of gradio-app/gradio (version git 98cbcae) allows for a zip bomb attack. The component uses…
CVE-2024-20380 — CVSS 7.5 (high): A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition…
CVE-2024-3099 — CVSS 5.4 (medium): A vulnerability in mlflow/mlflow version 2.11.1 allows attackers to create multiple models with the same name by exploiting URL encoding…
CVE-2023-52533 — CVSS 5.3 (medium): In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information…