Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-684

CWE-684

Incorrect Provision of Specified Functionality

Parent: CWE-710 - Improper Adherence to Coding Standards

The code does not function according to its published specifications, potentially leading to incorrect usage.

27 vulnerabilities with CWE-684

CVE-2026-44597 LOW

Tor < 0.4.9.7 - Out-of-Bounds Read via Malformed END/TRUNCATE/TRUNCATED Cell

CVE-2026-40685 MEDIUM

Exim < 4.99.2 - Heap-Based Buffer Overflow via Malformed JSON Header Processing

CVE-2026-40684 MEDIUM

Exim < 4.99.2 - Denial of Service via Malformed DNS PTR Record

CVE-2026-42255 HIGH

Technitium DnsServer < 15.0.0 - DNS Traffic Amplification via Cyclic Name Server Delegation

CVE-2026-35381 LOW

uutils coreutils cut Local Logic Error and Data Integrity Issue in Output Filtering

CVE-2026-35379 LOW

uutils coreutils tr Local Logic Error and Data Integrity Issue in Character Class Handling

CVE-2026-34478 HIGH

Apache Log4j Core: Log injection in Rfc5424Layout due to silent configuration incompatibility

CVE-2026-3598 HIGH

RustDesk Server Pro <=1.7.5 - Info Disclosure

CVE-2026-30791 HIGH

RustDesk Client <1.4.5 - Info Disclosure

CVE-2025-66384 HIGH

MISP < 2.5.24 - Invalid File Upload Validation in EventsController

CVE-2025-55174 LOW

KDE Skanpage <25.08.0 - Info Disclosure

CVE-2025-58325 HIGH

FortiOS <7.6.0 - Privilege Escalation

CVE-2025-54568 LOW

Akamai Rate Control alpha-2025 - Incorrect Rate Limiting via Per-Node Accounting

CVE-2025-54567 MEDIUM

QEMU < 10.0.3 - Incorrect VF Enable Bit Write Mask Handling

CVE-2025-47227 HIGH

Netmake ScriptCase <9.12.006 - Auth Bypass

CVE-2024-50357 CRITICAL

FutureNet NXR-G110 21.15.7-21.15.9 & NXR-G050 21.12.5-21.12.11 - Unauthenticated REST-API Access via Default Credentials

CVE-2024-5005 MEDIUM

GitLab EE/CE <17.2.9-17.4.2 - Info Disclosure

CVE-2024-8974 LOW

GitLab 15.6-17.2.7, 17.3-17.3.3, 17.4-17.4.0 - Unauthenticated Private Project Path Disclosure

CVE-2024-20317 HIGH

Cisco IOS XR - Unauthenticated Denial of Service via Ethernet Frame Classification

CVE-2024-6502 MEDIUM

GitLab CE/EE <17.1.6-17.2.4-17.3.1 - Info Disclosure

CVE-2024-6425 CRITICAL

MESbook 20221021.03 - Info Disclosure

CVE-2023-5363 HIGH

OpenSSL 3.0.0-3.0.11 and 3.1.0-3.1.3 - Loss of Confidentiality via IV Truncation in Symmetric Cipher Initialization

CVE-2023-4258 HIGH

Zephyr < 3.4.0 - Bluetooth Mesh Provisioning Authentication Bypass via Public Key Reuse

CVE-2023-5158 MEDIUM

Linux Kernel < 5.12.19 - Denial of Service via Zero Length Descriptor in vringh_kiov_advance

CVE-2023-24845 CRITICAL

Siemens RUGGEDCOM ROS < 4.3.8 - Unauthenticated Network Traffic Injection via Mirror Port

Page 1 of 2 Next

Details

Vulnerabilities 27

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy