CWE-5 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-41683	1 Siemens	2 Location Intelligence, Location Intelligence Family	2024-08-14	5.3 Medium
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce a strong user password policy. This could facilitate a brute force attack against legitimate user passwords.
CVE-2024-41906	1 Siemens	1 Sinec Traffic Analyzer	2024-08-14	4.8 Medium
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache.
CVE-2024-32931	1 Johnsoncontrols	1 Exacqvision Web Service	2024-08-09	5.7 Medium
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.

« first previous Page 404 of 404.