Vulnerabilities > Incorrect Comparison
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-22 | CVE-2020-23478 | Incorrect Comparison vulnerability in Leoeditor LEO 6.2.1 Leo Editor v6.2.1 was discovered to contain a regular expression denial of service (ReDoS) vulnerability in the component plugins/importers/dart.py. | 7.5 |
| 2021-09-20 | CVE-2021-39514 | Incorrect Comparison vulnerability in Jpeg Libjpeg An issue was discovered in libjpeg through 2020021. | 4.3 |
| 2021-09-08 | CVE-2021-1904 | Incorrect Comparison vulnerability in Qualcomm products Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 2.1 |
| 2021-08-24 | CVE-2021-32779 | Incorrect Comparison vulnerability in Envoyproxy Envoy Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. | 8.3 |
| 2021-08-06 | CVE-2021-37550 | Incorrect Comparison vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used. | 5.0 |
| 2021-07-15 | CVE-2021-0295 | Incorrect Comparison vulnerability in Juniper Junos A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). | 2.9 |
| 2021-07-12 | CVE-2021-27293 | Incorrect Comparison vulnerability in Restsharp RestSharp < 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strings into DateTimes. | 5.0 |
| 2021-06-30 | CVE-2021-35970 | Incorrect Comparison vulnerability in Voxmedia Coral Talk Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other sensitive information via GraphQL because permission checks use an incorrect data type. | 5.0 |
| 2021-06-30 | CVE-2021-35973 | Incorrect Comparison vulnerability in Netgear Wac104 Firmware 1.0.4.13 NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the ¤tsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866. | 10.0 |
| 2021-06-24 | CVE-2021-23999 | Incorrect Comparison vulnerability in Mozilla Thunderbird If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. | 6.8 |