Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-436

CWE-436

Interpretation Conflict

Parent: CWE-435 - Improper Interaction Between Multiple Correctly-Behaving Entities

Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state.

109 vulnerabilities with CWE-436

CVE-2022-38115 MEDIUM

SolarWinds Security Event Manager < 2022.2 - Insecure HTTP Method Exposure

CVE-2022-20915 HIGH

Cisco IOS XE - Unauthenticated Denial of Service via IPv6 VPN over MPLS with Zone-Based Firewall

CVE-2022-36051 HIGH

ZITADEL 1.42.0-1.87.0 and 2.0.0-2.1.9 - Unauthorized Authorization Grant via Actions Feature

CVE-2022-36048 MEDIUM

Zulip < 5.6 - Information Disclosure via Crafted Remote Image URL

CVE-2022-35962 HIGH

Zulip Mobile <27.189 - Info Disclosure

CVE-2022-29254 LOW

silverstripe-omnipay - Info Disclosure

CVE-2022-23773 HIGH

GO < 1.16.14 - Interpretation Conflict

CVE-2022-0011 MEDIUM

PAN-OS 8.1.0-8.1.20, 9.0.x, 9.1.0-9.1.11, 10.0.0-10.0.7, 10.1.0-10.1.2 & Prisma Access 2.1-2.2 URL Filtering Bypass

CVE-2021-45327 CRITICAL

Gitea < 1.11.2 - Remote Code Execution via HTTP Permission Method Trust

CVE-2021-34699 HIGH

Cisco IOS - Authenticated Denial of Service via TrustSec CLI Parser

CVE-2021-1587 HIGH

Cisco NX-OS - Denial of Service via TRILL OAM EtherType Packet Handling

CVE-2021-39137 MEDIUM

go-ethereum 1.10.0-1.10.8 - Consensus Chain Split via Interpretation Conflict

CVE-2021-28474 HIGH

Microsoft SharePoint Server - Remote Code Execution

CVE-2021-21366 MEDIUM

xmldom < 0.5.0 - XML Processing Syntax Manipulation via Malicious Document Parsing

CVE-2021-0207 HIGH

Juniper Junos OS - Denial of Service via Malformed Traffic Handling

CVE-2020-3564 MEDIUM

Cisco ASA & FTD FTP Inspection Bypass via Flow Tracking

CVE-2020-3200 HIGH

Cisco IOS - Authenticated Denial of Service via SSH Connection State Machine

CVE-2020-10134 MEDIUM

Bluetooth Core < 5.2 - Unauthenticated Credential Acquisition via Pairing Method Confusion

CVE-2020-10193 HIGH

ESET Cyber Security < 1294 - Virus Detection Bypass via Crafted RAR Compression Information

CVE-2020-10180 CRITICAL

ESET Cyber Security < 1294 - Virus Detection Bypass via Crafted BZ2 Checksum

CVE-2020-9399 MEDIUM

Avast Antivirus < 12.0 - Virus Detection Bypass via Crafted ZIP Archive

CVE-2020-9363 HIGH

Sophos Cloud Optix < 2020-01-14 - Virus Detection Bypass via Crafted ZIP Archive

CVE-2020-9362 HIGH

Quick Heal AntiVirus Products - Virus Detection Bypass via Malformed ZIP Archive GPFLAG

CVE-2020-9342 MEDIUM

F-Secure Cloud Protection < 17.0.605.474 - Virus Detection Bypass via GZIP

CVE-2020-9264 MEDIUM

ESET Cyber Security < 1296 - Virus Detection Bypass via ZIP Archive Compression Information Field

Previous Page 4 of 5 Next

Details

Vulnerabilities 109

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy