Vulnerabilities > Always-Incorrect Control Flow Implementation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-11 | CVE-2020-17466 | Always-Incorrect Control Flow Implementation vulnerability in Turcom Trcwifizone 20200810 Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302 Redirect responses. | 9.8 |
2020-05-20 | CVE-2020-5753 | Always-Incorrect Control Flow Implementation vulnerability in Signal Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined. | 5.3 |
2020-04-01 | CVE-2020-3885 | Always-Incorrect Control Flow Implementation vulnerability in Apple products A logic issue was addressed with improved restrictions. | 4.3 |
2020-03-20 | CVE-2020-9425 | Always-Incorrect Control Flow Implementation vulnerability in Rconfig An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. | 7.5 |
2020-03-20 | CVE-2019-19324 | Always-Incorrect Control Flow Implementation vulnerability in Xmidt Cjwt 1.0.1 Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance. | 7.5 |
2020-01-27 | CVE-2019-20430 | Always-Incorrect Control Flow Implementation vulnerability in Lustre In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client. | 7.5 |
2020-01-09 | CVE-2014-2686 | Always-Incorrect Control Flow Implementation vulnerability in Redhat Ansible Ansible prior to 1.5.4 mishandles the evaluation of some strings. | 7.5 |
2019-12-11 | CVE-2019-19729 | Always-Incorrect Control Flow Implementation vulnerability in Bson-Objectid Project Bson-Objectid 1.3.0 An issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js. | 7.5 |
2019-10-05 | CVE-2019-17192 | Always-Incorrect Control Flow Implementation vulnerability in Signal Private Messenger The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. | 9.8 |
2019-04-22 | CVE-2019-11412 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Artifex MuJS 1.0.5. | 7.5 |