Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-358

CWE-358

Improperly Implemented Security Check for Standard

Parent: CWE-573 - Improper Following of Specification by Caller

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

122 vulnerabilities with CWE-358

CVE-2021-34791 MEDIUM

Cisco Adaptive Security Appliance and Firepower Threat Defense - Unauthenticated NAT ALG Security Bypass

CVE-2021-34790 MEDIUM

Cisco Adaptive Security Appliance and Firepower Threat Defense - Unauthenticated NAT ALG Security Bypass

CVE-2021-31375 HIGH

Juniper Networks Junos OS <12.3R12-S18, <15.1R7-S9, <17.2 - RPKI Po...

CVE-2021-3448 MEDIUM

dnsmasq < 2.85 - DNS Cache Poisoning via Fixed Port Query Forwarding

CVE-2021-21387 HIGH

Wrongthink <2.3.0 - Info Disclosure

CVE-2020-9295 MEDIUM

Fortinet Antivirus Engine < 6.00145 - Malformed RAR Archive Detection Bypass

CVE-2020-10743 MEDIUM

OpenShift Container Platform - CSRF

CVE-2020-1761 MEDIUM

OpenShift <console-4 - Info Disclosure

CVE-2020-25686 LOW

dnsmasq < 2.83 - DNS Cache Poisoning via Birthday Attack

CVE-2020-25684 LOW

dnsmasq < 2.83 - DNS Cache Poisoning via Insufficient Query Attribute Matching

CVE-2020-8352 LOW

Lenovo Desktop Models - BIOS Configuration Change Detection Bypass

CVE-2020-1728 MEDIUM

Keycloak < 10.0.0 - Missing HTTP Security Headers in Admin Console

CVE-2020-7251 MEDIUM

McAfee ENS <10.6.1 - Info Disclosure

CVE-2019-14823 HIGH

JSS CryptoManager >4.4.6-4.6.0 - Privilege Escalation

CVE-2019-6742 CRITICAL

Samsung Galaxy S9 Firmware < 1.4.20.2 - Unauthenticated Remote Code Execution via GameServiceReceiver Update Mechanism

CVE-2019-3894 HIGH

Wildfly 11.0.0-15.0.0 - Security Identity Confusion via ElytronManagedThread

CVE-2019-3806 HIGH

PowerDNS Recursor >=4.1.3 <4.1.9 - Privilege Escalation

CVE-2018-20934 MEDIUM

cPanel 61.9999.55-70.0.22 - Unauthenticated E-mail Account Suspension Bypass

CVE-2018-16860 HIGH

Samba <4.8.12, <4.9.8, <4.10.3 - Privilege Escalation

CVE-2018-16857 HIGH

Samba 4.9.0-4.9.3 - Improperly Implemented Security Check for Standard

CVE-2018-7685 HIGH

libzypp < 17.5.0 - Improperly Implemented Security Check for Corrupted RPM Cache

CVE-2018-1243 HIGH

Dell EMC iDRAC6 <2.91 - iDRAC7/iDRAC8 <2.60.60.60 - iDRAC9 <3.21.21...

CVE-2018-0268 CRITICAL

Cisco DNA Center - Privilege Escalation

CVE-2018-1275 CRITICAL

Spring Framework 4.3.0-4.3.15 - Remote Code Execution via STOMP over WebSocket

CVE-2018-1270 CRITICAL

Spring Framework < 4.3.16 and 5.0 < 5.0.5 - Remote Code Execution via STOMP over WebSocket

Previous Page 4 of 5 Next

Details

Vulnerabilities 122

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy