VYPR

CWE-358

Improperly Implemented Security Check for Standard

BaseDraft

Description

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (55)

page 1 of 3
  • CVE-2018-0268CriMay 17, 2018
    risk 0.65cvss 10.0epss 0.05

    A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and gain elevated privileges. This vulnerability is due to an insecure default configuration of the…

  • CVE-2018-1270CriApr 6, 2018
    risk 0.63cvss 9.8epss 0.77

    Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker)…

  • CVE-2018-1275CriApr 11, 2018
    risk 0.61cvss 9.8epss 0.58

    Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker)…

  • CVE-2016-10229CriApr 4, 2017
    risk 0.58cvss 9.8epss 0.13

    udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

  • CVE-2025-66600HigFeb 9, 2026
    risk 0.57cvss epss 0.00

    A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product lacks HSTS (HTTP Strict Transport Security) configuration. When an attacker performs a Man in the middle (MITM) attack, communications with the web server could be sniffed. …

  • CVE-2017-15663HigJan 10, 2018
    risk 0.53cvss 7.5epss 0.13

    In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9120.

  • CVE-2017-15665HigJan 10, 2018
    risk 0.52cvss 7.5epss 0.09

    In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094.

  • CVE-2017-15664HigJan 10, 2018
    risk 0.52cvss 7.5epss 0.09

    In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9121.

  • CVE-2017-15662HigJan 10, 2018
    risk 0.52cvss 7.5epss 0.09

    In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9123.

  • CVE-2024-27842HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.

  • CVE-2018-7685HigAug 31, 2018
    risk 0.51cvss 7.8epss 0.00

    The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during…

  • CVE-2026-1486HigFeb 9, 2026
    risk 0.50cvss 8.8epss 0.00

    A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Provider (IdP) is enabled before issuing tokens. The issuer lookup mechanism (lookupIdentityProviderFromIssuer) retrieves the IdP…

  • CVE-2018-1243HigJul 2, 2018
    risk 0.49cvss 7.5epss 0.02

    Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. The sessions invoked via CGI binaries use 96-bit numeric-only session ID values, which makes it easier for…

  • CVE-2017-15107HigJan 23, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

  • CVE-2017-7177HigMar 18, 2017
    risk 0.49cvss 7.5epss 0.01

    Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.

  • CVE-2016-3017HigFeb 1, 2017
    risk 0.49cvss 7.5epss 0.02

    IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations.

  • CVE-2024-27758HigMar 12, 2024
    risk 0.48cvss 8.4epss 0.01

    In RPyC before 6.0.0, when a server exposes a method that calls the attribute named __array__ for a client-provided netref (e.g., np.array(client_netref)), a remote attacker can craft a class that results in remote code execution.

  • CVE-2025-32086HigAug 12, 2025
    risk 0.47cvss 7.2epss 0.00

    Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-2617HigApr 30, 2024
    risk 0.47cvss 7.2epss 0.01

    A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update, if secure update feature was not enabled on all CMUs of a RTU500. If a malicious actor successfully exploits this vulnerability, they could use it to update the…

  • CVE-2017-15091HigJan 23, 2018
    risk 0.46cvss 7.1epss 0.01

    An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only…