VYPR

CWE-676

Use of Potentially Dangerous Function

Base | Draft | Likelihood: High

Description

The product invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.


CVEs mapped to this weakness (7)

  • CVE-2024-38434 | Med | Jul 21, 2024
    risk 0.42 | cvss 6.5 | epss 0.00

    Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature bypass

  • CVE-2026-48696 | Med | May 26, 2026
    risk 0.40 | cvss 6.2 | epss 0.00

    FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689.

  • CVE-2026-54499 | hig | Jun 19, 2026
    risk 0.38 | cvss | epss

    Summary: Stanza 1.12.0 attempts to safely load PyTorch checkpoint files using `torch.load(..., weights_only=True)`, but automatically falls back to the fully unsafe `torch.load(..., weights_only=False)` when the safe load raises `pickle.UnpicklingError`. Because the…

  • CVE-2024-50307 | Med | Oct 28, 2024
    risk 0.36 | cvss 5.5 | epss 0.00

    Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary…

  • CVE-2025-67604 | Med | May 12, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager…

  • CVE-2024-37387 | Med | Jun 19, 2024
    risk 0.26 | cvss 4.0 | epss 0.00

    Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered.

  • CVE-2024-28219 | Apr 3, 2024
    risk 0.00 | cvss | epss 0.01

    In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.