CWE-783
Operator Precedence Logic Error
Description
The product uses an expression in which operator precedence causes incorrect logic to be used.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-7270 | Hig | 0.51 | 7.8 | 0.00 | Apr 30, 2026 | An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers. The bug may be exploitable by an unprivileged user to obtain superuser privileges. | ||
| CVE-2026-0209 | Med | 0.45 | — | 0.00 | Apr 14, 2026 | Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured. | ||
| CVE-2025-24210 | Med | 0.36 | 5.5 | 0.00 | Mar 31, 2025 | A logic error was addressed with improved error handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Parsing an image may lead to disclosure of user… | ||
| CVE-2024-27886 | Med | 0.36 | 5.5 | 0.00 | Jul 29, 2024 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Ventura 13.7. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode. | ||
| CVE-2025-27512 | Low | 0.07 | — | 0.00 | Mar 17, 2025 | Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user to use the actions `org.projectatomic.rpmostree1.deploy` to deploy updates to the system and `org.projectatomic.rpmostree1.finalize-deployment` to reboot… |
- risk 0.51cvss 7.8epss 0.00
An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers. The bug may be exploitable by an unprivileged user to obtain superuser privileges.
- risk 0.45cvss —epss 0.00
Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured.
- risk 0.36cvss 5.5epss 0.00
A logic error was addressed with improved error handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Parsing an image may lead to disclosure of user…
- risk 0.36cvss 5.5epss 0.00
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Ventura 13.7. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode.
- risk 0.07cvss —epss 0.00
Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user to use the actions `org.projectatomic.rpmostree1.deploy` to deploy updates to the system and `org.projectatomic.rpmostree1.finalize-deployment` to reboot…