CWE-684
12 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-684
- CVE-2020-11054 | LOW | CVSS 3.5 | EG 3.5 | 2020-05-07
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colors.statusbar.url.warn.fg). However, whe…
- CVE-2022-23728 | MEDIUM | CVSS 6.1 | EG 6.1 | 2022-01-21
Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011.
- CVE-2023-24845 | CRITICAL | CVSS 9.1 | EG 9.1 | 2023-08-08
A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM …
- CVE-2023-4258 | HIGH | CVSS 8.6 | EG 8.6 | 2023-09-25
In the Bluetooth mesh implementation, if the provisionee has a public key that is sent OOB, then during provisioning it can be sent back and will be accepted by the provisionee.
- CVE-2023-5158 | MEDIUM | CVSS 6.5 | EG 6.5 | 2023-09-25
A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor.
- CVE-2023-5363 | HIGH | CVSS 7.5 | EG 7.5 | 2023-10-25
Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation…
- CVE-2024-20317 | HIGH | CVSS 7.4 | EG 7.4 | 2024-09-11
A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dr…
- CVE-2024-5005 | MEDIUM | CVSS 4.3 | EG 4.3 | 2024-10-11
An issue has been discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 17.4.2. It was possible for guest users t…
- CVE-2024-50357 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-11-29
FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial (factory default) configuration. But, REST-APIs are unexpectedly enabled when the affected product is powere…
- CVE-2024-6425 | CRITICAL | CVSS 9.1 | EG 9.1 | 2024-07-01
Incorrect Provision of Specified Functionality vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can register user accounts without being authenticated from the route "/account/Register/" and in the parameter…
- CVE-2024-6502 | MEDIUM | CVSS 5.7 | EG 5.7 | 2024-08-22
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.2 prior to 17.1.6, starting from 17.2 prior to 17.2.4, and starting from 17.3 prior to 17.3.1, which allows an attacker to create a branch with the same name as …
- CVE-2024-8974 | LOW | CVSS 2.6 | EG 2.6 | 2024-09-26
Information disclosure in GitLab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1. In specific conditions it was possible to disclose to an unauthorised user the path of a private projec…