CWE-474
7 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-474page 1 of 1
- CVE-2021-0294MEDIUMCVSS 5.3EG 5.32021-07-15
A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if "storm-control enhanced" is configure…
- CVE-2024-1672MEDIUMCVSS 5.4EG 8.82024-02-21
Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2024-1694HIGHCVSS 7.8EG 7.82024-06-07
Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to bypass discretionary access control via a malicious file. (Chromium security severity: High)
- CVE-2024-2628MEDIUMCVSS 4.3EG 4.32024-03-20
Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)
- CVE-2024-5836HIGHCVSS 8.8EG 8.82024-06-11
Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severit…
- CVE-2024-5839MEDIUMCVSS 6.5EG 6.52024-06-11
Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2024-7001MEDIUMCVSS 4.3EG 4.32024-08-06
Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medi…
Map vulnerabilities like CWE-474 to your infrastructure
EchelonGraph correlates every CVE — across CWE-474 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →