CWE-657 is a common weakness enumeration in software security. This database tracks 13 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-657?

There are 13 CVE vulnerabilities classified as CWE-657 with an average CVSS score of 5.8538461538462.

What is the severity distribution for CWE-657?

CWE-657 contains 0 critical, 4 high, 8 medium, and 1 low severity vulnerabilities.

CWE-657

Total CVEs

Vulnerabilities

Avg CVSS v3

5.9

Medium

Avg CVSS v2

4.5

Medium

Latest CVE

2024

Most Recent

Severity Distribution

Critical 0

High 4

30.8%

Medium 8

61.5%

Low 1

7.7%

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (13)

Page 1 of 1

CVE-2023-29320

HIGH

CVSS:7.8(High)

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Violation of Secure Design Principles vulnerability that could result in arbitrary code execu...

CWE-6572023

CVE-2019-0061

HIGH

CVSS:7.8(High)

The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special p...

CWE-6572019

CVE-2024-57957

HIGH

CVSS:7.5(High)

Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CWE-6572024

CVE-2023-52714

HIGH

CVSS:7.5(High)

Vulnerability of defects introduced in the design process in the hwnff module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CWE-6572023

CVE-2022-28244

MEDIUM

CVSS:6.3(Medium)

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a violation of secure design principles through bypassing the content se...

CWE-6572022

CVE-2019-5478

MEDIUM

CVSS:5.5(Medium)

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boo...

CWE-6572019

CVE-2021-36061

MEDIUM

CVSS:5.4(Medium)

Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability t...

CWE-6572021

CVE-2022-30683

MEDIUM

CVSS:5.3(Medium)

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism...

CWE-6572022

CVE-2020-8133

MEDIUM

CVSS:5.3(Medium)

A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file.

CWE-6572020

CVE-2017-6032

MEDIUM

CVSS:5.3(Medium)

A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related weakness making it susceptible to brute-fo...

CWE-6572017

CVE-2019-15611

MEDIUM

CVSS:4.9(Medium)

Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifica...

CWE-6572019

CVE-2021-28583

MEDIUM

CVSS:4.2(Medium)

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful ex...

CWE-6572021

CVE-2021-44714

LOW

CVSS:3.3(Low)

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security fe...

CWE-6572021