Login Sign Up

CWE-184: CWE-184

14
Total CVEs
4
Critical
7
High
7.7
Avg CVSS

Yearly Trend

2026
1
2025
7
2024
2
2023
4

Top Affected Vendors

1 Mmaitre314 2
2 Microsoft 1
3 Debian 1
4 Solarwinds 1
5 Getgrav 1
6 Trailofbits 1
7 Wwbn 1
8 Mybb 1
9 Hitachienergy 1
10 Servicenow 1

All CWE-184 CVEs (14)

CVE-2025-1716
9.8

CVE-2025-1716 is a critical vulnerability in picklescan versions before 0.0.21 where the tool fails to restrict the 'pip' global during pickle file sc...

Feb 26, 2025
CVE-2024-5217
9.8

This is a critical input validation vulnerability in ServiceNow's Now Platform that allows unauthenticated remote attackers to execute arbitrary code ...

Jul 10, 2024
CVE-2023-3374
9.8

CVE-2023-3374 is an incomplete input validation vulnerability in Unisign Bookreen that allows attackers to bypass security restrictions and escalate p...

Sep 5, 2023
CVE-2023-45133
9.3

This vulnerability in Babel's @babel/traverse allows arbitrary code execution during JavaScript compilation when processing maliciously crafted code. ...

Oct 12, 2023
CVE-2023-34253
8.8

This vulnerability allows attackers with login access to Grav's Admin panel and page creation/update permissions to inject malicious templates and ach...

Jun 14, 2023
CVE-2025-67747
7.8

Fickling versions before 0.1.6 fail to block unsafe 'marshal' and 'types' module imports during pickle file analysis. This allows attackers to craft m...

Dec 16, 2025
CVE-2025-29822
7.8

This vulnerability allows an unauthorized attacker to bypass a security feature in Microsoft Office OneNote by exploiting an incomplete list of disall...

Apr 8, 2025
CVE-2026-1773
7.5

This vulnerability affects IEC 60870-5-104 implementations when bi-directional functionality is configured. Attackers can send specially crafted inval...

Feb 24, 2026
CVE-2025-46417
7.5

This vulnerability in Picklescan versions before 0.0.25 allows data exfiltration via DNS requests after deserialization due to missing 'ssl' in unsafe...

Apr 24, 2025
CVE-2025-48732
7.3

An incomplete blacklist in WWBN AVideo's .htaccess sample allows attackers to execute arbitrary code by requesting specially crafted .phar files. This...

Jul 24, 2025
CVE-2023-23844
7.2

CVE-2023-23844 is an incorrect comparison vulnerability in SolarWinds Platform that allows authenticated administrators to execute arbitrary commands ...

Jul 26, 2023
CVE-2025-67716
5.7

The Auth0 Next.js SDK versions 4.9.0 through 4.12.1 have an input validation flaw in the returnTo parameter that allows attackers to inject malicious ...

Dec 11, 2025
CVE-2024-23336
5.0

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in MyBB forum software where the default disallowed remote hosts list doesn't in...

May 1, 2024
CVE-2025-69277
4.5

This vulnerability in libsodium's crypto_core_ed25519_is_valid_point function incorrectly validates elliptic curve points in certain custom cryptograp...

Dec 31, 2025

About CWE-184 (CWE-184)

Our database tracks 14 CVEs classified as CWE-184, with 4 rated critical and 7 rated high severity. The average CVSS score for CWE-184 vulnerabilities is 7.7.

External reference: View CWE-184 on MITRE CWE →

Monitor CWE-184 Vulnerabilities

Get alerted when new CWE-184 CVEs affect your infrastructure.

Start Monitoring Free