Vulnerabilities > Always-Incorrect Control Flow Implementation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-07 | CVE-2021-3011 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. | 4.2 |
| 2020-12-18 | CVE-2020-35477 | Always-Incorrect Control Flow Implementation vulnerability in multiple products MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. | 5.3 |
| 2020-10-08 | CVE-2020-1914 | Always-Incorrect Control Flow Implementation vulnerability in Facebook Hermes A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. | 9.8 |
| 2020-10-08 | CVE-2020-3596 | Always-Incorrect Control Flow Implementation vulnerability in Cisco products A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2020-09-23 | CVE-2020-25603 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.8 |
| 2020-09-23 | CVE-2020-25598 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Xen 4.14.x. | 5.5 |
| 2020-08-11 | CVE-2020-17466 | Always-Incorrect Control Flow Implementation vulnerability in Turcom Trcwifizone 20200810 Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302 Redirect responses. | 9.8 |
| 2020-05-20 | CVE-2020-5753 | Always-Incorrect Control Flow Implementation vulnerability in Signal Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined. | 5.3 |
| 2020-04-01 | CVE-2020-3885 | Always-Incorrect Control Flow Implementation vulnerability in Apple products A logic issue was addressed with improved restrictions. | 4.3 |
| 2020-03-20 | CVE-2020-9425 | Always-Incorrect Control Flow Implementation vulnerability in Rconfig An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. | 7.5 |