CWE-657
15 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-657
- CVE-2019-0061: HIGH, CVSS 7.8, EG 7.8, 2019-10-09
The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special permission to open this protected mode s…
- CVE-2019-15611: MEDIUM, CVSS 4.9, EG 4.9, 2020-02-04
Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when searching (e.g. for federated users) or registering for push notifications.
- CVE-2019-5478: MEDIUM, CVSS 5.5, EG 5.5, 2019-09-03
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.
- CVE-2020-36467: MEDIUM, CVSS 5.9, EG 5.9, 2021-08-08
An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::get returns more than one mutable reference to the same object.
- CVE-2020-36468: MEDIUM, CVSS 5.9, EG 5.9, 2021-08-08
An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::write performs non-atomic write operations on an underlying pointer.
- CVE-2020-8133: MEDIUM, CVSS 5.3, EG 5.3, 2020-11-09
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file.
- CVE-2021-28583: HIGH, CVSS 7.5, EG 7.5, 2021-06-28
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful exploitation could allow an attacker to g…
- CVE-2021-36061: MEDIUM, CVSS 5.4, EG 5.4, 2021-09-01
Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Conn…
- CVE-2021-44714: LOW, CVSS 2.5, EG 2.5, 2022-01-14
Acrobat Reader DC versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC display…
- CVE-2022-28244: MEDIUM, CVSS 6.3, EG 6.3, 2022-05-11
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a violation of secure design principles through bypassing the content security policy, which could result in an…
- CVE-2022-30683: MEDIUM, CVSS 5.3, EG 5.3, 2022-09-16
Adobe Experience Manager versions 6.5.13.0 (and earlier) are affected by a Violation of Secure Design Principles vulnerability that could lead to a bypass of the security feature of the encryption mechanism in the backend. An attacker could lev…
- CVE-2023-29320: HIGH, CVSS 7.8, EG 7.8, 2023-08-10
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Violation of Secure Design Principles vulnerability that could result in arbitrary code execution in the context of the current user…
- CVE-2023-52714: HIGH, CVSS 7.5, EG 7.5, 2024-04-07
Vulnerability of defects introduced in the design process in the hwnff module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-26139: HIGH, CVSS 8.3, EG 8.3, 2024-05-23
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low p…
- CVE-2024-33849: MEDIUM, CVSS 6.5, EG 6.5, 2024-05-28
ci solution CI-Out-of-Office Manager through 6.0.0.77 uses a Hard-coded Cryptographic Key.