CWE-474 is a common weakness enumeration in software security. This database tracks 7 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-474?

There are 7 CVE vulnerabilities classified as CWE-474 with an average CVSS score of 6.8714285714286.

What is the severity distribution for CWE-474?

CWE-474 contains 0 critical, 4 high, 3 medium, and 0 low severity vulnerabilities.

CWE-474

Total CVEs

Vulnerabilities

Avg CVSS v3

6.9

Medium

Avg CVSS v2

5.0

Medium

Latest CVE

2024

Most Recent

Severity Distribution

Critical 0

High 4

57.1%

Medium 3

42.9%

Low 0

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (7)

Page 1 of 1

CVE-2024-5839

HIGH

CVSS:8.8(High)

Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security se...

CWE-4742024

CVE-2024-5836

HIGH

CVSS:8.8(High)

Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrom...

CWE-4742024

CVE-2024-1672

HIGH

CVSS:8.8(High)

Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security ...

CWE-4742024

CVE-2024-1694

HIGH

CVSS:7.8(High)

Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to bypass discretionary access control via a malicious file. (Chromium security severity: H...

CWE-4742024

CVE-2021-0294

MEDIUM

CVSS:5.3(Medium)

A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and i...

CWE-4742021

CVE-2024-7001

MEDIUM

CVSS:4.3(Medium)

Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML ...

CWE-4742024

CVE-2024-2628

MEDIUM

CVSS:4.3(Medium)

Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)

CWE-4742024