Vulnerabilities > Always-Incorrect Control Flow Implementation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-08 | CVE-2020-3596 | Always-Incorrect Control Flow Implementation vulnerability in Cisco products A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2020-09-23 | CVE-2020-25603 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.8 |
| 2020-09-23 | CVE-2020-25598 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Xen 4.14.x. | 5.5 |
| 2020-08-11 | CVE-2020-17466 | Always-Incorrect Control Flow Implementation vulnerability in Turcom Trcwifizone 20200810 Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302 Redirect responses. | 9.8 |
| 2020-05-20 | CVE-2020-5753 | Always-Incorrect Control Flow Implementation vulnerability in Signal Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined. | 5.3 |
| 2020-04-01 | CVE-2020-3885 | Always-Incorrect Control Flow Implementation vulnerability in Apple products A logic issue was addressed with improved restrictions. | 4.3 |
| 2020-03-20 | CVE-2020-9425 | Always-Incorrect Control Flow Implementation vulnerability in Rconfig An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. | 7.5 |
| 2020-03-20 | CVE-2019-19324 | Always-Incorrect Control Flow Implementation vulnerability in Xmidt Cjwt 1.0.1 Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance. | 7.5 |
| 2020-01-27 | CVE-2019-20430 | Always-Incorrect Control Flow Implementation vulnerability in Lustre In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client. | 7.5 |
| 2020-01-09 | CVE-2014-2686 | Always-Incorrect Control Flow Implementation vulnerability in Redhat Ansible Ansible prior to 1.5.4 mishandles the evaluation of some strings. | 7.5 |