Vulnerabilities > Always-Incorrect Control Flow Implementation

DATE CVE VULNERABILITY TITLE RISK
2024-12-04 CVE-2024-53134 Always-Incorrect Control Flow Implementation vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_data.num_domains' which will make the look never finish and cause kernel panic. Also disable runtime to address "imx93-blk-ctrl 4ac10000.system-controller: Unbalanced pm_runtime_enable!"
local
low complexity
linux CWE-670
5.5
2024-10-21 CVE-2024-47745 Always-Incorrect Control Flow Implementation vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages() The remap_file_pages syscall handler calls do_mmap() directly, which doesn't contain the LSM security check.
local
low complexity
linux CWE-670
7.8
2024-10-11 CVE-2024-25622 Always-Incorrect Control Flow Implementation vulnerability in Dena H2O
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3.
network
low complexity
dena CWE-670
4.3
2024-10-10 CVE-2024-47168 Always-Incorrect Control Flow Implementation vulnerability in Gradio Project Gradio
Gradio is an open-source Python package designed for quick prototyping.
network
low complexity
gradio-project CWE-670
4.3
2024-09-25 CVE-2024-20480 Always-Incorrect Control Flow Implementation vulnerability in Cisco IOS XE
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual reload to recover.
network
low complexity
cisco CWE-670
8.6
2024-09-02 CVE-2024-45311 Always-Incorrect Control Flow Implementation vulnerability in Quinn Project Quinn
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol.
network
low complexity
quinn-project CWE-670
7.5
2024-08-31 CVE-2024-45304 Always-Incorrect Control Flow Implementation vulnerability in Openzeppelin Contracts
Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup.
network
low complexity
openzeppelin CWE-670
6.5
2024-06-13 CVE-2024-32896 Always-Incorrect Control Flow Implementation vulnerability in Google Android
there is a possible way to bypass due to a logic error in the code.
local
low complexity
google CWE-670
7.8
2024-06-06 CVE-2024-37153 Always-Incorrect Control Flow Implementation vulnerability in Evmos
Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network.
network
low complexity
evmos CWE-670
7.5
2024-01-12 CVE-2023-31211 Always-Incorrect Control Flow Implementation vulnerability in multiple products
Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials
network
low complexity
tribe29 checkmk CWE-670
6.5