Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-697

CWE-697

Incorrect Comparison

The product compares two entities in a security-relevant context, but the comparison is incorrect.

150 vulnerabilities with CWE-697

CVE-2024-6641 MEDIUM

WP Hardening - Security Feature Bypass

CVE-2024-41657 HIGH

Casdoor <= 1.577.0 - Authenticated Cross-Origin Request Forgery via Origin Header Prefix Check

CVE-2024-41958 MEDIUM

mailcow < 2024-07 - Authenticated Two-Factor Authentication Bypass

CVE-2024-32862 MEDIUM

ExacqVision Web Service < 24.03 - Permissive Cross-domain Security Policy with Untrusted Domains

CVE-2024-24621 CRITICAL

Softaculous Webuzo < 4.2.9 - Unauthenticated Authentication Bypass via Password Reset

CVE-2024-5217 CRITICAL KEV

ServiceNow Washington DC and Vancouver - Unauthenticated Remote Code Execution

CVE-2024-39742 HIGH

IBM MQ Operator 2.0.0-2.0.23 and 3.2.2 - Authentication Bypass via Partial String Comparison

CVE-2024-38522 MEDIUM

hush_line < 0.1.0 - Content Security Policy Bypass

CVE-2024-4032 HIGH

CPython ipaddress Module IP Address Classification Flaw

CVE-2024-34340 CRITICAL

Cacti < 1.2.27 - Type Juggling Authentication Bypass via Loose MD5 Comparison

CVE-2024-2223 HIGH

Bitdefender GravityZone Update Server - Server-Side Request Forgery via Regex Bypass

CVE-2024-28246 MEDIUM

KaTeX 0.11.0-0.16.9 - Cross-Site Scripting via Uppercase Protocol Bypass

CVE-2024-29026 HIGH

owncast < 0.1.2 - Unauthenticated Admin Password Leak via Lenient CORS Policy

CVE-2024-23903 MEDIUM

Jenkins GitLab Branch Source Plugin <684 - Info Disclosure

CVE-2023-45213 MEDIUM

Westermo L206-f2g Firmware - Permissive CORS Policy

CVE-2023-50940 MEDIUM

IBM PowerSC 1.3, 2.0, 2.1 - Permissive Cross-domain Security Policy with Untrusted Domains

CVE-2023-49994 MEDIUM

Espeak-ng <1.52-dev - Memory Corruption

CVE-2023-46660 MEDIUM

Jenkins Zanata Plugin <0.6 - Info Disclosure

CVE-2023-46658 MEDIUM

Jenkins MSTeams Webhook Trigger Plugin <0.1.1 - Info Disclosure

CVE-2023-46657 MEDIUM

Jenkins Gogs Plugin <1.0.15 - Info Disclosure

CVE-2023-46656 MEDIUM

Jenkins Multibranch Scan Webhook Trigger Plugin <1.0.9 - Info Discl...

CVE-2023-46009 HIGH

gifsicle 1.94 - Denial of Service via Floating Point Exception in resize_stream

CVE-2023-45133 CRITICAL

Babel traverse <7.23.2 and 8.0.0-alpha.4 - Code Execution via path.evaluate

CVE-2023-44378 HIGH

gnark < 0.9.0 - Incorrect Comparison via Field Overflow

CVE-2023-23766 MEDIUM

GitHub Enterprise Server - Info Disclosure

Previous Page 2 of 6 Next

Details

Vulnerabilities 150

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy