CVEs classified under CWE-805, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (36)
CVE-2020-14509 — CVSS 9.8 (critical): Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not…
CVE-2025-20315 — CVSS 8.6 (high): A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software could allow an unauthenticated, remote…
CVE-2026-53016 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - copy IV using skcipher ivsize AF_ALG rfc3686-ctr-aes-ccp…
CVE-2025-38743 — CVSS 7.8 (high): Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low…
CVE-2025-20175 — CVSS 7.7 (high): A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to…
CVE-2025-20174 — CVSS 7.7 (high): A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to…
CVE-2025-20170 — CVSS 7.7 (high): A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to…
CVE-2025-20169 — CVSS 7.7 (high): A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to…
CVE-2025-63547 — CVSS 7.5 (high): An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a crafted packet to the MTU…
CVE-2025-30651 — CVSS 7.5 (high): A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS…
CVE-2024-24851 — CVSS 7.5 (high): A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality of AutomationDirect P3-550E…
CVE-2021-31885 — CVSS 7.5 (high): A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC…
CVE-2026-20033 — CVSS 7.4 (high): A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial…
CVE-2026-20010 — CVSS 7.4 (high): A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent…
CVE-2025-20202 — CVSS 7.4 (high): A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service…
CVE-2025-20191 — CVSS 7.4 (high): A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and…
CVE-2025-21591 — CVSS 7.4 (high): A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled…
CVE-2023-5396 — CVSS 7.4 (high): Server receiving a malformed message creates connection for a hostname that may cause a stack overflow resulting in possible remote code…
CVE-2025-36463 — CVSS 7.3 (high): Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell…
CVE-2025-36462 — CVSS 7.3 (high): Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell…
CVE-2025-36461 — CVSS 7.3 (high): Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell…
CVE-2025-36460 — CVSS 7.3 (high): Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell…
CVE-2024-20294 — CVSS 6.6 (medium): A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an…
CVE-2019-19339 — CVSS 6.5 (medium): It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the…
CVE-2026-34002 — CVSS 6.1 (medium): A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map…
CVE-2025-20360 — CVSS 5.8 (medium): Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to…
CVE-2026-1767 — CVSS 5.6 (medium): A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component. A remote…
CVE-2026-1766 — CVSS 5.6 (medium): A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3…
CVE-2026-6245 — CVSS 5.5 (medium): A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() function within the PAM passkey responder…
CVE-2020-10774 — CVSS 5.5 (medium): A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the…
CVE-2024-34476 — CVSS 5.3 (medium): Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: ogs_nas_encrypt in…
CVE-2026-53877 — CVSS 4.8 (medium): An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. `django.contrib.gis.gdal.GDALRaster` over-reads its in-memory…
CVE-2026-12549 — CVSS 4.8 (medium): The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed…
CVE-2026-0716 — CVSS 4.8 (medium): A flaw was found in libsoup’s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where…
CVE-2024-0131 — CVSS 4.4 (medium): NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an…
CVE-2025-7048 — CVSS 4.3 (medium): On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate…