Skip to main content

CWE-388

7PK - Errors

28 CVEs Avg CVSS 7.6 MITRE
6
CRITICAL
12
HIGH
10
MEDIUM
0
LOW
2
POC
1
KEV

Monthly

CVE-2026-20168 MEDIUM This Month

Authenticated remote attackers with low privileges can read arbitrary files via insufficient access controls in the web-based management interface of Cisco IoT Field Network Director. Exploitation requires valid login credentials and submission of crafted input through the management UI; successful attacks result in unauthorized file disclosure but do not enable modification or system disruption. No public exploit code or active exploitation has been identified at time of analysis.

Information Disclosure Cisco Cisco Iot Field Network Director Iot Fnd
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20006 MEDIUM This Month

Cisco Secure Firewall Threat Defense (FTD) Software is vulnerable to denial of service through improper TLS protocol implementation in the Snort 3 Detection Engine, allowing unauthenticated remote attackers to trigger unexpected restarts by sending crafted TLS packets. Successful exploitation causes the affected device to drop network traffic, creating a DoS condition affecting TLS versions prior to 1.3. No patch is currently available.

Cisco TLS Denial Of Service
NVD
CVSS 3.1
5.8
EPSS
0.1%
CVE-2023-20227 HIGH This Week

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple Ios Xe
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-3512 HIGH This Week

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple Ios Xe
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2020-3510 HIGH This Week

A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple Ios Xe
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2020-3509 HIGH This Week

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple Ios Xe
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2019-2237 MEDIUM This Month

Failure in taking appropriate action to handle the error case If keypad gpio deactivation fails leads to silent failure scenario and subsequent logic gets executed everytime in Snapdragon Auto,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Mdm9206 Firmware Mdm9607 Firmware Mdm9650 Firmware +14
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2019-13046 HIGH POC This Week

linker/linker.c in ToaruOS through 1.10.9 has insecure LD_LIBRARY_PATH handling in setuid applications. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Toaruos
NVD GitHub
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-12380 MEDIUM PATCH This Month

**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2018-1002105 Go CRITICAL POC PATCH THREAT Act Now

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Kubernetes Openshift Container Platform Trident
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
87.0%
EPSS 0% CVSS 6.5
MEDIUM This Month

Authenticated remote attackers with low privileges can read arbitrary files via insufficient access controls in the web-based management interface of Cisco IoT Field Network Director. Exploitation requires valid login credentials and submission of crafted input through the management UI; successful attacks result in unauthorized file disclosure but do not enable modification or system disruption. No public exploit code or active exploitation has been identified at time of analysis.

Information Disclosure Cisco Cisco Iot Field Network Director Iot Fnd
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Cisco Secure Firewall Threat Defense (FTD) Software is vulnerable to denial of service through improper TLS protocol implementation in the Snort 3 Detection Engine, allowing unauthenticated remote attackers to trigger unexpected restarts by sending crafted TLS packets. Successful exploitation causes the affected device to drop network traffic, creating a DoS condition affecting TLS versions prior to 1.3. No patch is currently available.

Cisco TLS Denial Of Service
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 0% CVSS 7.4
HIGH This Week

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Failure in taking appropriate action to handle the error case If keypad gpio deactivation fails leads to silent failure scenario and subsequent logic gets executed everytime in Snapdragon Auto,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Mdm9206 Firmware +16
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

linker/linker.c in ToaruOS through 1.10.9 has insecure LD_LIBRARY_PATH handling in setuid applications. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Toaruos
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel
NVD
EPSS 87% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Kubernetes Openshift Container Platform +1
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy