CVEs classified under CWE-676, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-27474 — CVSS 10.0 (critical): Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services…
CVE-2022-39063 — CVSS 7.5 (high): When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment…
CVE-2025-65117 — CVSS 7.4 (high): The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into…
CVE-2024-38434 — CVSS 6.5 (medium): Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature bypass
CVE-2024-50307 — CVSS 5.5 (medium): Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a…
CVE-2025-67604 — CVSS 5.3 (medium): A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8…
CVE-2024-37387 — CVSS 4.0 (medium): Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC…