Vulnerabilities > Incorrect Comparison
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-15 | CVE-2021-0295 | Incorrect Comparison vulnerability in Juniper Junos A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). | 2.9 |
| 2021-07-12 | CVE-2021-27293 | Incorrect Comparison vulnerability in Restsharp RestSharp < 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strings into DateTimes. | 5.0 |
| 2021-06-30 | CVE-2021-35970 | Incorrect Comparison vulnerability in Voxmedia Coral Talk Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other sensitive information via GraphQL because permission checks use an incorrect data type. | 5.0 |
| 2021-06-30 | CVE-2021-35973 | Incorrect Comparison vulnerability in Netgear Wac104 Firmware 1.0.4.13 NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the ¤tsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866. | 10.0 |
| 2021-06-24 | CVE-2021-23999 | Incorrect Comparison vulnerability in Mozilla Thunderbird If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. | 6.8 |
| 2021-06-01 | CVE-2020-1920 | Incorrect Comparison vulnerability in Facebook React-Native A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. | 7.5 |
| 2021-04-28 | CVE-2020-22784 | Incorrect Comparison vulnerability in Etherpad Ueberdb In Etherpad UeberDB < 0.4.4, due to MySQL omitting trailing spaces on char / varchar columns during comparisons, retrieving database records using UeberDB's MySQL connector could allow bypassing access controls enforced on key names. | 5.0 |
| 2021-03-26 | CVE-2020-25580 | Incorrect Comparison vulnerability in Freebsd 11.4/12.2 In FreeBSD 12.2-STABLE before r369346, 11.4-STABLE before r369345, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 a regression in the login.access(5) rule processor has the effect of causing rules to fail to match even when they should not. | 5.0 |
| 2021-03-23 | CVE-2021-20219 | Incorrect Comparison vulnerability in Linux Kernel A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. | 2.1 |
| 2021-01-27 | CVE-2020-23361 | Incorrect Comparison vulnerability in PHPlist 3.5.3 phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. | 7.5 |