Vulnerabilities > Always-Incorrect Control Flow Implementation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-20 | CVE-2019-19324 | Always-Incorrect Control Flow Implementation vulnerability in Xmidt Cjwt 1.0.1 Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance. | 7.5 |
| 2020-01-27 | CVE-2019-20430 | Always-Incorrect Control Flow Implementation vulnerability in Lustre In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client. | 7.5 |
| 2020-01-09 | CVE-2014-2686 | Always-Incorrect Control Flow Implementation vulnerability in Redhat Ansible Ansible prior to 1.5.4 mishandles the evaluation of some strings. | 7.5 |
| 2019-12-11 | CVE-2019-19729 | Always-Incorrect Control Flow Implementation vulnerability in Bson-Objectid Project Bson-Objectid 1.3.0 An issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js. | 7.5 |
| 2019-10-05 | CVE-2019-17192 | Always-Incorrect Control Flow Implementation vulnerability in Signal Private Messenger The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. | 9.8 |
| 2019-04-22 | CVE-2019-11412 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Artifex MuJS 1.0.5. | 7.5 |
| 2019-04-02 | CVE-2019-9946 | Always-Incorrect Control Flow Implementation vulnerability in multiple products Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. | 7.5 |
| 2018-11-12 | CVE-2018-19212 | Always-Incorrect Control Flow Implementation vulnerability in Webmproject Libwebm In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack. | 6.5 |
| 2018-11-07 | CVE-2018-19058 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Poppler 0.71.0. | 6.5 |
| 2018-09-10 | CVE-2018-16766 | Always-Incorrect Control Flow Implementation vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because Errors::unreachable() is reached. | 8.8 |