CWE-684 is a common weakness enumeration in software security. This database tracks 12 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-684?

There are 12 CVE vulnerabilities classified as CWE-684 with an average CVSS score of 6.6916666666667.

What is the severity distribution for CWE-684?

CWE-684 contains 3 critical, 2 high, 6 medium, and 1 low severity vulnerabilities.

CWE-684

Total CVEs

Vulnerabilities

Avg CVSS v3

6.7

Medium

Avg CVSS v2

5.5

Medium

Latest CVE

2024

Most Recent

Severity Distribution

Critical 3

25%

High 2

16.7%

Medium 6

50%

Low 1

8.3%

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (12)

Page 1 of 1

CVE-2024-50357

CRITICAL

CVSS:9.8(Critical)

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial (factory default) configuration. But, REST-APIs are unexpectedly enab...

CWE-6842024

CVE-2023-24845

CRITICAL

CVSS:9.8(Critical)

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCO...

CWE-6842023

CVE-2024-6425

CRITICAL

CVSS:9.1(Critical)

Incorrect Provision of Specified Functionality vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can register user accounts without being authenticated from the route "/...

CWE-6842024

CVE-2023-5363

HIGH

CVSS:7.5(High)

Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ...

CWE-6842023

CVE-2024-20317

HIGH

CVSS:7.4(High)

A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to c...

CWE-6842024

CVE-2024-6502

MEDIUM

CVSS:6.5(Medium)

An issue was discovered in GitLab CE/EE affecting all versions starting from 8.2 prior to 17.1.6 starting from 17.2 prior to 17.2.4, and starting from 17.3 prior to 17.3.1, which allows an attacker to...

CWE-6842024

CVE-2023-4258

MEDIUM

CVSS:6.5(Medium)

In Bluetooth mesh implementation If provisionee has a public key that is sent OOB then during provisioning it can be sent back and will be accepted by provisionee.

CWE-6842023

CVE-2022-23728

MEDIUM

CVSS:6.1(Medium)

Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011.

CWE-6842022

CVE-2023-5158

MEDIUM

CVSS:5.5(Medium)

A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length...

CWE-6842023

CVE-2024-8974

MEDIUM

CVSS:4.3(Medium)

Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unautho...

CWE-6842024

CVE-2024-5005

MEDIUM

CVSS:4.3(Medium)

An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 1...

CWE-6842024

CVE-2020-11054

LOW

CVSS:3.5(Low)

In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colo...

CWE-6842020