Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-670

CWE-670

Always-Incorrect Control Flow Implementation

Parent: CWE-691 - Insufficient Control Flow Management

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

134 vulnerabilities with CWE-670

CVE-2023-1668 HIGH

Open vSwitch 1.5.0-2.13.10 - Always-Incorrect Control Flow Implementation in IP Packet Handling

CVE-2023-20558 HIGH

AmdCpmOemSmm - Privilege Escalation

CVE-2023-0400 MEDIUM

DLP for Windows <11.10.0 - Privilege Escalation

CVE-2023-20921 HIGH

Android - Local Privilege Escalation via AccessibilityManagerService Logic Error

CVE-2023-20915 HIGH

Android - Local Privilege Escalation via PhoneAccountRegistrar Logic Error

CVE-2022-49393 MEDIUM

Linux Kernel 5.18-5.18.2 - Denial of Service via Incorrect List Iterator in fastrpc_req_mem_unmap_impl

CVE-2022-29609 MEDIUM

ONOS 2.5.1 - Always-Incorrect Control Flow Implementation in Intent Framework

CVE-2022-29607 HIGH

ONOS 2.5.1 - Always-Incorrect Control Flow Implementation in Intent Framework

CVE-2022-29605 HIGH

ONOS 2.5.1 - Always-Incorrect Control Flow Implementation in IntentManager

CVE-2022-25745 CRITICAL

Qualcomm Modem Firmware - Memory Corruption via CoAP Message Handling

CVE-2022-2993 HIGH

Zephyrproject Zephyr Project Zephyr <= 3.1.0 - Insufficient Condition Check in smp_check_keys

CVE-2022-41884 MEDIUM

TensorFlow < 2.8.4 - Denial of Service via Numpy Array Shape Validation

CVE-2022-45196 HIGH

Hyperledger Fabric 2.3 - Denial of Service via Crafted Channel Transaction

CVE-2022-39354 MEDIUM

SputnikVM <0.36.0 - Info Disclosure

CVE-2022-26461 MEDIUM

Android - Local Privilege Escalation via vow API Misuse

CVE-2022-35917 MEDIUM

Solana Pay <0.2.1 - Info Disclosure

CVE-2022-31111 MEDIUM

Frontier - Incorrect Balance Conversion in EVM Compatibility Layer

CVE-2022-31116 HIGH

ultrajson < 5.4.0 - Key Confusion and Value Overwrite via Improper Surrogate Pair Decoding

CVE-2022-31017 LOW

Zulip 2.1.0-5.2 - Unauthorized Message Exposure via Stream Edit Event

CVE-2022-29255 HIGH

vyper < 0.3.4 - Always-Incorrect Control Flow Implementation in External Contract Calls

CVE-2022-26890 HIGH

F5 BIG-IP <16.1.2.1, <15.1.5, <14.1.4.6, <13.1.5 - DoS

CVE-2022-21655 HIGH

envoyproxy/envoy < 1.18.6 - Denial of Service via Internal Redirect to Direct Response Route

CVE-2022-21679 MEDIUM

Istio 1.12.0-1.12.1 - Authorization Policy Bypass via Incorrect Envoy API Usage

CVE-2021-43819 HIGH

Stargate-Bukkit <0.11.5.1 - Info Disclosure

CVE-2021-45852 MEDIUM

Projectworlds Hospital Management System 1.0 - Info Disclosure

Previous Page 4 of 6 Next

Details

Vulnerabilities 134

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy