Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-358

CWE-358

Improperly Implemented Security Check for Standard

Parent: CWE-573 - Improper Following of Specification by Caller

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

122 vulnerabilities with CWE-358

CVE-2024-27842 HIGH

macOS Sonoma <14.5 - Privilege Escalation

CVE-2024-2617 HIGH

Hitachi Energy RTU500 CMU Firmware 13.2.1-13.2.6, 13.4.1-13.4.3, 13.5.1-13.5.2 - Authenticated Firmware Update Bypass

CVE-2024-3845 MEDIUM

Google Chrome <124.0.6367.60 - CSRF

CVE-2024-3844 MEDIUM

Google Chrome < 124.0.6367.60 - UI Spoofing via Crafted Chrome Extension

CVE-2024-3838 MEDIUM

Google Chrome < 124.0.6367.60 - UI Spoofing via Autofill

CVE-2024-25545 HIGH

Weave Desktop 7.78.10-7.84.1 - Local Code Execution via nwjs Framework Script Injection

CVE-2024-23592 MEDIUM

Lenovo Synaptics Fingerprint Readers - Authentication Bypass via Fingerprint Replay

CVE-2024-2174 HIGH

Google Chrome <122.0.6261.111 - Heap Corruption

CVE-2023-2585 LOW

Keycloak - Auth Bypass

CVE-2023-40445 HIGH

iPadOS 17.0 - Improperly Implemented Security Check for Standard

CVE-2023-4501 CRITICAL

OpenText (Micro Focus) Visual COBOL <9.0 - Auth Bypass

CVE-2023-3266 CRITICAL

CypberPower PowerPanel Enterprise - Auth Bypass

CVE-2023-39403 CRITICAL

Huawei EMUI and HarmonyOS - Improper Authorization in installd Module

CVE-2023-28601 HIGH

Zoom for Windows <5.14.0 - Memory Corruption

CVE-2023-28113 MEDIUM

russh <0.36.2-0.37.1 - Info Disclosure

CVE-2023-22393 HIGH

Juniper Networks Junos OS/Junos OS Evolved - DoS

CVE-2022-38732 HIGH

SnapCenter < 4.7 - Missing Content Security Policy

CVE-2022-2324 HIGH

SonicWall Hosted Email Security <10.0.17.7319 - Info Disclosure

CVE-2022-27220 MEDIUM

SINEMA Remote Connect Server < V3.0 SP2 - Info Disclosure

CVE-2022-27219 MEDIUM

SINEMA Remote Connect Server < V3.0 SP2 - Info Disclosure

CVE-2022-25152 CRITICAL

ITarian < 6.35.37347.20040 - Authenticated Arbitrary Code Execution via Procedure Approval Bypass

CVE-2022-22156 MEDIUM

Juniper Networks Junos OS - Privilege Escalation

CVE-2021-26105 MEDIUM

FortiSandbox <= 3.1.4 and <= 3.2.2 - Authenticated Stack-Based Buffer Overflow via Profile Parser

CVE-2021-26328 MEDIUM

AMD EPYC 7003 Series Firmware < milanpi_1.0.0.8 - Memory Integrity Loss via SNP_INIT Execution Mode Check Bypass

CVE-2021-42017 MEDIUM

Siemens RUGGEDCOM ROS - Improper Certificate Validation via CBC Encryption Mode

Previous Page 3 of 5 Next

Details

Vulnerabilities 122

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy