CWE-138

Total CVEs
7
Vulnerabilities
Avg CVSS v3
7.2
High
Avg CVSS v2
7.8
High
Latest CVE
2024
Most Recent

Severity Distribution

Critical 0
0%
High 5
71.4%
Medium 2
28.6%
Low 0
0%

External References

MITRE CWE
Official CWE definition
NIST NVD
Search CVEs by CWE

All CVEs (7)

Page 1 of 1

CVE-2016-0750

HIGH
CVSS:8.8(High)

The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-craft...

CWE-1382016

CVE-2023-42117

HIGH
CVSS:8.1(High)

Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentica...

CWE-1382023

CVE-2022-2429

HIGH
CVSS:8.0(High)

The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possibl...

CWE-1382022

CVE-2022-0024

HIGH
CVSS:7.2(High)

A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system proces...

CWE-1382022

CVE-2023-22288

MEDIUM
CVSS:5.4(Medium)

HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails

CWE-1382023

CVE-2024-51500

MEDIUM
CVSS:5.3(Medium)

Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could resul...

CWE-1382024