CWE-232
11 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-232page 1 of 1
- CVE-2021-34705MEDIUMCVSS 5.3EG 5.32021-09-23
A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. Th…
- CVE-2021-3718MEDIUMCVSS 4.3EG 4.32021-11-12
A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS.
- CVE-2022-22213MEDIUMCVSS 5.9EG 5.92022-07-20
A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specif…
- CVE-2023-2968HIGHCVSS 7.5EG 7.52023-05-30
A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception.
- CVE-2023-36848MEDIUMCVSS 6.5EG 6.52023-07-14
An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an unauthenticated adjacent attacker to cause a Denial …
- CVE-2023-39914HIGHCVSS 7.5EG 7.52023-09-13
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types…
- CVE-2023-39915HIGHCVSS 7.5EG 7.52023-09-13
NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914.
- CVE-2025-20192HIGHCVSS 7.7EG 7.72025-05-07
A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The attacker must have valid IKEv1 VPN crede…
- CVE-2025-20314MEDIUMCVSS 6.7EG 6.72025-09-24
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute persistent code at boot time and break the …
- CVE-2025-40775HIGHCVSS 7.5EG 7.52025-05-21
When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND…
- CVE-2026-21689MEDIUMCVSS 6.5EG 6.52026-01-07
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in …
Map vulnerabilities like CWE-232 to your infrastructure
EchelonGraph correlates every CVE — across CWE-232 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →