Login Sign Up

CWE-75: CWE-75

13
Total CVEs
4
Critical
6
High
8.2
Avg CVSS

Yearly Trend

2026
1
2025
2
2024
6
2023
1
2021
3

Top Affected Vendors

1 Rocket.chat 2
2 Fedoraproject 1
3 Apache 1
4 Totolink 1
5 Haxx 1
6 Netapp 1
7 Splunk 1
8 Cmsmadesimple 1
9 Python Ldap 1
10 Arcserve 1

All CWE-75 CVEs (13)

CVE-2025-50213
9.8

This CVE describes a SQL injection vulnerability in Apache Airflow's Snowflake provider where unsanitized table and stage parameters in the CopyFromEx...

Jun 24, 2025
CVE-2024-35373
9.8

Mocodo Online versions 4.2.6 and below contain a remote code execution vulnerability in the rewrite.php file. Attackers can execute arbitrary code on ...

May 24, 2024
CVE-2021-22910
9.8

A NoSQL injection vulnerability in Rocket.Chat server allows attackers to execute arbitrary database queries through a specific endpoint. This can lea...

Aug 9, 2021
CVE-2021-22911
9.8

CVE-2021-22911 is an improper input sanitization vulnerability in Rocket.Chat that allows unauthenticated attackers to perform NoSQL injection attacks...

May 27, 2021
CVE-2024-37779
8.8

WoodWing Elvis DAM v6.98.1 contains an authenticated remote command execution vulnerability via Apache Ant script functionality. This allows authentic...

Sep 23, 2024
CVE-2024-31809
8.8

This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK EX200 routers by exploiting improper input validation in the FileName...

Apr 8, 2024
CVE-2023-27533
8.8

A vulnerability in curl versions before 8.0 allows attackers to inject malicious content during TELNET protocol negotiation when user input is accepte...

Mar 30, 2023
CVE-2021-39174
8.8

CVE-2021-39174 allows authenticated users in Cachet status page systems to leak sensitive configuration values like application secrets and database p...

Aug 28, 2021
CVE-2024-0801
7.5

A denial of service vulnerability in Arcserve Unified Data Protection's ASNative.dll allows attackers to crash the service by sending specially crafte...

Mar 13, 2024
CVE-2024-27622
7.2

This CVE describes a remote code execution vulnerability in CMS Made Simple's User Defined Tags module. Authenticated administrators can inject arbitr...

Mar 5, 2024
CVE-2025-61911
6.5

This vulnerability in python-ldap allows LDAP injection attacks when applications use the library's escape_filter_chars method with escape_mode=1 and ...

Oct 10, 2025
CVE-2026-27120
6.1

This vulnerability in Leafkit's htmlEscaped function allows attackers to bypass HTML escaping by using extended grapheme clusters containing special H...

Feb 20, 2026
CVE-2024-9940
5.3

The Calculated Fields Form WordPress plugin up to version 5.2.45 is vulnerable to HTML injection via form submissions. Unauthenticated attackers can i...

Oct 17, 2024

About CWE-75 (CWE-75)

Our database tracks 13 CVEs classified as CWE-75, with 4 rated critical and 6 rated high severity. The average CVSS score for CWE-75 vulnerabilities is 8.2.

External reference: View CWE-75 on MITRE CWE →

Monitor CWE-75 Vulnerabilities

Get alerted when new CWE-75 CVEs affect your infrastructure.

Start Monitoring Free