Skip to main content

CWE-792

Incomplete Filtering of One or More Instances of Special Elements

3 CVEs Avg CVSS 6.5 MITRE
0
CRITICAL
1
HIGH
2
MEDIUM
0
LOW
1
POC
0
KEV

Monthly

CVE-2025-12758 npm HIGH POC PATCH This Week

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength() function that does not take into account. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Validator
NVD GitHub
CVSS 4.0
7.7
EPSS
0.1%
CVE-2023-25608 MEDIUM This Month

An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Fortiap Fortiap C Fortiap U Fortiap W2
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-20057 MEDIUM This Month

A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Asyncos
NVD
CVSS 3.1
5.3
EPSS
0.7%
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength() function that does not take into account. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Validator
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Fortiap Fortiap C +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Asyncos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy