Login Sign Up

CWE-115: CWE-115

11
Total CVEs
3
Critical
4
High
7.7
Avg CVSS

Yearly Trend

2025
7
2023
1
2020
3

Top Affected Vendors

1 Netapp 2
2 Golang 2
3 Fedoraproject 1
4 Redhat 1
5 Apache 1
6 Librechat 1
7 Phpmyfaq 1
8 Grafana 1
9 Wolfbox 1
10 Autel 1

All CWE-115 CVEs (11)

CVE-2020-27846
9.8

CVE-2020-27846 is a signature verification vulnerability in the crewjam/saml library that allows attackers to bypass SAML authentication. This affects...

Dec 21, 2020
CVE-2020-29509
9.8

This vulnerability in Go's encoding/xml package allows attackers to craft XML inputs that behave inconsistently during different processing stages. Th...

Dec 14, 2020
CVE-2020-29511
9.8

This vulnerability in Go's encoding/xml package allows attackers to craft XML inputs that behave inconsistently during different processing stages. Th...

Dec 14, 2020
CVE-2023-0880
8.3

CVE-2023-0880 is an input misinterpretation vulnerability in phpMyFAQ that allows attackers to manipulate input processing, potentially leading to una...

Feb 17, 2023
CVE-2025-5747
8.0

This vulnerability allows network-adjacent attackers with authentication to execute arbitrary code on WOLFBOX Level 2 EV Charger devices by exploiting...

Jun 6, 2025
CVE-2025-32908
7.5

A vulnerability in libsoup's HTTP/2 server allows improper validation of pseudo-header values, potentially enabling denial of service attacks. This af...

Apr 14, 2025
CVE-2024-11169
7.5

An unhandled exception in the fs module of danny-avila/librechat allows unauthenticated attackers to crash the server by sending specially crafted fil...

Mar 20, 2025
CVE-2025-68113
6.5

A cryptographic flaw in ALTCHA libraries allows challenge payload splicing, enabling replay attacks where previously solved CAPTCHA challenges can be ...

Dec 16, 2025
CVE-2025-25069
6.5

A Cross-Protocol Scripting vulnerability in Apache Kvrocks allows HTTP requests to be interpreted as valid RESP (Redis Serialization Protocol) command...

Feb 7, 2025
CVE-2025-5826
6.3

This vulnerability allows attackers within Bluetooth range to send arbitrary AT commands to Autel MaxiCharger AC Wallbox Commercial charging stations ...

Jun 25, 2025
CVE-2025-22870
4.4

This vulnerability in Go's net/http package causes incorrect proxy pattern matching when IPv6 addresses contain zone identifiers. It allows requests t...

Mar 12, 2025

About CWE-115 (CWE-115)

Our database tracks 11 CVEs classified as CWE-115, with 3 rated critical and 4 rated high severity. The average CVSS score for CWE-115 vulnerabilities is 7.7.

External reference: View CWE-115 on MITRE CWE →

Monitor CWE-115 Vulnerabilities

Get alerted when new CWE-115 CVEs affect your infrastructure.

Start Monitoring Free