CWE-37 is a common weakness enumeration in software security. This database tracks 6 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-37?

There are 6 CVE vulnerabilities classified as CWE-37 with an average CVSS score of 6.6166666666667.

What is the severity distribution for CWE-37?

CWE-37 contains 0 critical, 2 high, 4 medium, and 0 low severity vulnerabilities.

CWE-37

Total CVEs

Vulnerabilities

Avg CVSS v3

6.6

Medium

Avg CVSS v2

3.6

Low

Latest CVE

2024

Most Recent

Severity Distribution

Critical 0

High 2

33.3%

Medium 4

66.7%

Low 0

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (6)

Page 1 of 1

CVE-2022-20962

HIGH

CVSS:8.8(High)

A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to make unauthorized changes to the file system of an affected...

CWE-372022

CVE-2022-25347

HIGH

CVSS:7.5(High)

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system.

CWE-372022

CVE-2023-20087

MEDIUM

CVSS:6.5(Medium)

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of ...

CWE-372023

CVE-2023-20077

MEDIUM

CVSS:6.5(Medium)

CWE-372023

CVE-2018-10498

MEDIUM

CVSS:5.5(Medium)

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execut...

CWE-372018

CVE-2024-12806

MEDIUM

CVSS:4.9(Medium)

A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file.

CWE-372024