CVEs classified under CWE-477, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-49216 — CVSS 9.8 (critical): An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as…
CVE-2018-17890 — CVSS 9.8 (critical): NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow…
CVE-2019-18251 — CVSS 8.8 (high): In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of…
CVE-2026-1693 — CVSS 7.5 (high): The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler…
CVE-2020-6978 — CVSS 7.2 (high): In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries.
CVE-2019-10968 — CVSS 4.4 (medium): Philips Holter 2010 Plus, all versions. A vulnerability has been identified that may allow system options that were not purchased to be…
CVE-2023-28829 — CVSS 3.9 (low): A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS…
CVE-2019-10988 — CVSS 3.4 (low): In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000…