CWE-547
5 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-547
- CVE-2019-14837 | CRITICAL | CVSS 9.1 | EG 9.1 | 2020-01-07
A flaw was found in Keycloak before version 8.0.0. The owner of the 'placeholder.org' domain can set up a mail server on this domain and, knowing only the name of a client, can reset the password and then log in. For example, for client name 'test' the em…
- CVE-2023-1712 | CRITICAL | CVSS 9.8 | EG 9.8 | 2023-03-30
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30.
- CVE-2024-32021 | LOW | CVSS 3.9 | EG 3.9 | 2024-05-14
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-re…
- CVE-2024-39888 | HIGH | CVSS 7.5 | EG 7.5 | 2024-07-09
A vulnerability has been identified in Mendix Encryption (All versions >= V10.0.0 < V10.0.2). Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no ind…
- CVE-2024-41885 | MEDIUM | CVSS 5.6 | EG 0.0 | 2024-12-24
Team ENVY, a security research team, has found a flaw that allows remote code execution on the NVR. The seed string for the encryption key was hard-coded. The manufacturer has released patch firmware for the flaw, please refer to the m…