CWE-676

6 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-676page 1 of 1

CVE-2021-27474CRITICALCVSS 10.0EG 7.5
2022-03-23
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryT…
CVE-2022-39063HIGHCVSS 7.5EG 7.5
2022-09-16
When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to c…
CVE-2024-37387MEDIUMCVSS 4.0EG 4.0
2024-06-19
Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered.
CVE-2024-38434MEDIUMCVSS 6.5EG 6.5
2024-07-21
Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature bypass
CVE-2024-50307MEDIUMCVSS 5.5EG 5.5
2024-10-28
Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external websit…
CVE-2026-48696MEDIUMCVSS 6.2EG 0.0
2026-05-26
FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689.

Map vulnerabilities like CWE-676 to your infrastructure

EchelonGraph correlates every CVE — across CWE-676 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →