Vulnerabilities > Incorrect Comparison
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-26 | CVE-2020-25580 | Incorrect Comparison vulnerability in Freebsd 11.4/12.2 In FreeBSD 12.2-STABLE before r369346, 11.4-STABLE before r369345, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 a regression in the login.access(5) rule processor has the effect of causing rules to fail to match even when they should not. | 5.3 |
| 2021-01-27 | CVE-2020-23360 | Incorrect Comparison vulnerability in Oscommerce 2.3.4.1 oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php | 9.8 |
| 2021-01-27 | CVE-2020-23359 | Incorrect Comparison vulnerability in Webidsupport Webid 1.2.2 WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. | 9.8 |
| 2021-01-11 | CVE-2020-13559 | Incorrect Comparison vulnerability in Freyrscada Iec-60879-5-104 Server Simulator 21.04.028 A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC-60879-5-104 Server Simulator 21.04.028. | 7.5 |
| 2021-01-11 | CVE-2021-3116 | Incorrect Comparison vulnerability in Proxy.Py Project Proxy.Py before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or). | 7.5 |
| 2020-11-24 | CVE-2019-20925 | Incorrect Comparison vulnerability in Mongodb An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. | 7.5 |
| 2020-09-02 | CVE-2020-15811 | Incorrect Comparison vulnerability in multiple products An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. | 6.5 |
| 2020-07-30 | CVE-2020-15131 | Incorrect Comparison vulnerability in Simpleledger Slp-Validate 1.0.0/1.2.1 In SLP Validate (npm package slp-validate) before version 1.2.2, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. | 7.5 |
| 2020-07-30 | CVE-2020-15130 | Incorrect Comparison vulnerability in Simpleledger Slpjs In SLPJS (npm package slpjs) before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. | 7.5 |
| 2020-05-25 | CVE-2020-13485 | Incorrect Comparison vulnerability in Verbb Knock The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header. | 9.1 |