CWE-790: CWE-790

Total CVEs

Critical

High

8.3

Avg CVSS

Yearly Trend

2025

2024

2023

2021

Top Affected Vendors

1 Fedoraproject 1

2 Facebook 1

3 Freebsd 1

4 Sequelizejs 1

5 Etherpad 1

All CWE-790 CVEs (7)

CVE-2023-22578

10.0

CVE-2023-22578 is a critical SQL injection vulnerability in the Sequelize.js ORM library due to improper attribute filtering. Attackers can execute ar...

Feb 16, 2023

CVE-2021-43802

9.9

CVE-2021-43802 is a critical vulnerability in Etherpad that allows attackers to gain admin privileges by importing a malicious *.etherpad file. This c...

Dec 9, 2021

CVE-2023-45239

9.8

CVE-2023-45239 is a critical remote code execution vulnerability in tac_plus authentication server. Attackers can inject shell commands through userna...

Oct 6, 2023

CVE-2024-42416

8.8

This vulnerability allows arbitrary write to kernel memory in FreeBSD's bhyve hypervisor due to insufficient validation in the ctl_report_supported_op...

Sep 5, 2024

CVE-2024-31616

8.8

This vulnerability allows attackers to execute arbitrary code on specific RG-RSR10 router models via the common_quick_config.lua file. Attackers can p...

Apr 23, 2024

CVE-2025-0431

5.8

Enterprise Protection has a URL rewriting vulnerability that allows unauthenticated remote attackers to send emails bypassing URL protections. This co...

Mar 19, 2025

CVE-2024-43442

4.9

This vulnerability allows an authenticated admin attacker to inject malicious scripts into OTRS System Configuration modules, which then execute in ot...

Aug 26, 2024

About CWE-790 (CWE-790)

Our database tracks 7 CVEs classified as CWE-790, with 3 rated critical and 2 rated high severity. The average CVSS score for CWE-790 vulnerabilities is 8.3.

External reference: View CWE-790 on MITRE CWE →

Monitor CWE-790 Vulnerabilities

Get alerted when new CWE-790 CVEs affect your infrastructure.

Start Monitoring Free