CWE-623

3 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-623page 1 of 1

CVE-2011-10028HIGHCVSS 8.7EG 0.0
2025-08-20
The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary comm…
CVE-2014-2368NONECVSS 0.0EG 0.0
2014-07-19
The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
CVE-2018-17925MEDIUMCVSS 4.8EG 4.8
2018-10-10
Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft…

Map vulnerabilities like CWE-623 to your infrastructure

EchelonGraph correlates every CVE — across CWE-623 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →