Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-670

CWE-670

Always-Incorrect Control Flow Implementation

Parent: CWE-691 - Insufficient Control Flow Management

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

134 vulnerabilities with CWE-670

CVE-2024-32896 HIGH KEV

Android - Local Privilege Escalation via Logic Error

CVE-2024-37153 HIGH

evmos < 18.1.0 - Always-Incorrect Control Flow Implementation in ICS20 Transfer

CVE-2024-35195 MEDIUM

Requests < 2.32.0 - Always-Incorrect Control Flow Implementation in Session Certificate Verification

CVE-2024-35312 MEDIUM

Tor Arti 1.2.2 - Always-Incorrect Control Flow Implementation

CVE-2024-35190 MEDIUM

Asterisk <18.23.0 - Info Disclosure

CVE-2024-32971 CRITICAL

Apollo Router - Unintended Operations

CVE-2024-33431 MEDIUM

phiola v2.0-rc22 - Denial of Service via Crafted WAV File

CVE-2024-3376 HIGH

SourceCodester Computer Laboratory Management System 1.0 - RCE

CVE-2024-30246 HIGH

Tuleap 14.11.99.34-15.7.99.5, 14.12-1-14.12-5 - Unauthenticated Information Disclosure and Data Deletion

CVE-2024-0313 MEDIUM

Temporary Bypass - Privilege Escalation

CVE-2023-52781 MEDIUM

Linux Kernel 3.16.79-3.17 - Always-Incorrect Control Flow Implementation in BOS Descriptor Parsing

CVE-2023-52742 MEDIUM

Linux Kernel 2.6.14-4.14.306 - Incorrect Control Flow Implementation in plusb.c

CVE-2023-46840 MEDIUM

Xen >= 4.17 - Always-Incorrect Control Flow Implementation

CVE-2023-31211 HIGH

Checkmk <2.2.0p18-2.0.0p39 - Auth Bypass

CVE-2023-49798 MEDIUM

OpenZeppelin Contracts <4.9.4 - Info Disclosure

CVE-2023-41338 MEDIUM

Fiber < 2.49.2 - Unauthenticated Localhost Access Control Bypass via X-Forwarded-For Header

CVE-2023-23623 HIGH

Electron 22.0.0-beta.1-22.0.0 - Always-Incorrect Control Flow Implementation via Disabled Sandbox

CVE-2023-41058 HIGH

Parse Server < 5.5.5 - Always-Incorrect Control Flow Implementation in beforeFind Trigger

CVE-2023-41052 LOW

vyperlang/vyper < 0.3.9 and pypi/vyper < 0.3.10rc1 - Always-Incorrect Control Flow Implementation in Builtin Functions

CVE-2023-40015 LOW

vyperlang/vyper < 0.3.9 - Always-Incorrect Control Flow Implementation

CVE-2023-41376 HIGH

Nokia SR OS/SR Linux <22.10 - Info Disclosure

CVE-2023-28711 MEDIUM

Intel Hyperscan Library < 5.4.1 - Authenticated Denial of Service via Local Access

CVE-2023-39152 MEDIUM

Jenkins Gradle Plugin 2.8 - Info Disclosure

CVE-2023-32675 LOW

vyperlang/vyper < 0.3.8 - Incorrect Fund Transfer via Nonpayable Default Function

CVE-2023-30629 HIGH

vyper 0.3.1-0.3.7 - Always-Incorrect Control Flow Implementation in raw_call

Previous Page 3 of 6 Next

Details

Vulnerabilities 134

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy