By weakness (CWE)
CWE-15: related vulnerabilities
CVEs classified under CWE-15. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
2 published vulnerabilities
- CVE-2026-1784HIGH 8.8
A flaw in OpenShift's Route resource allows users with low-level cluster access to inject malicious HAProxy configuration through the spec.path field. Because validation of this field is insufficient, an attacker can bypass intended restrictions and alter how traffic is routed, potentially redirecting requests or exposing sensitive data. This is a local privilege escalation risk requiring existing cluster access but delivering high-impact consequences.
- CVE-2019-25716MEDIUM 6.5
Dräger's Infinity Delta, Delta XL, and Kappa patient monitors are vulnerable to a denial-of-service attack triggered by malformed network packets. An attacker on the same network segment can send specially crafted packets that force the monitor to reboot repeatedly, disrupting patient monitoring and causing the device to lose network connectivity and revert to default settings. This is a network-adjacent threat that degrades clinical visibility rather than exposing patient data directly.