CWE-682
Incorrect Calculation
Description
The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-128 · CAPEC-129
CVEs mapped to this weakness (64)
page 4 of 4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-1026 | 0.00 | — | 0.03 | Apr 15, 2020 | A Security Feature Bypass vulnerability exists in the MSR JavaScript Cryptography Library that is caused by multiple bugs in the library’s Elliptic Curve Cryptography (ECC) implementation.An attacker could potentially abuse these bugs to learn information about a… | |||
| CVE-2018-20999 | — | 0.00 | — | 0.02 | Aug 26, 2019 | An issue was discovered in the orion crate before 0.11.2 for Rust. reset() calls cause incorrect results. | ||
| CVE-2017-2618 | Med | 0.00 | 5.5 | 0.00 | Jul 27, 2018 | A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. | ||
| CVE-2011-3062 | 0.00 | — | 0.02 | Mar 30, 2012 | Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. |
- CVE-2020-1026Apr 15, 2020risk 0.00cvss —epss 0.03
A Security Feature Bypass vulnerability exists in the MSR JavaScript Cryptography Library that is caused by multiple bugs in the library’s Elliptic Curve Cryptography (ECC) implementation.An attacker could potentially abuse these bugs to learn information about a…
- CVE-2018-20999Aug 26, 2019risk 0.00cvss —epss 0.02
An issue was discovered in the orion crate before 0.11.2 for Rust. reset() calls cause incorrect results.
- risk 0.00cvss 5.5epss 0.00
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.
- CVE-2011-3062Mar 30, 2012risk 0.00cvss —epss 0.02
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.