CWE-821

Total CVEs
11
Vulnerabilities
Avg CVSS v3
5.9
Medium
Avg CVSS v2
5.5
Medium
Latest CVE
2024
Most Recent

Severity Distribution

Critical 1
9.1%
High 4
36.4%
Medium 4
36.4%
Low 2
18.2%

External References

MITRE CWE
Official CWE definition
NIST NVD
Search CVEs by CWE

All CVEs (11)

Page 1 of 1

CVE-2022-1931

CRITICAL
CVSS:9.1(Critical)

Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3.

CWE-8212022

CVE-2024-7043

HIGH
CVSS:8.1(High)

An improper access control vulnerability in open-webui/open-webui v0.3.8 allows attackers to view and delete any files. The application does not verify whether the attacker is an administrator, allowi...

CWE-8212024

CVE-2024-1902

HIGH
CVSS:7.5(High)

lunary-ai/lunary is vulnerable to a session reuse attack, allowing a removed user to change the organization name without proper authorization. The vulnerability stems from the lack of validation to c...

CWE-8212024

CVE-2024-1739

HIGH
CVSS:7.5(High)

lunary-ai/lunary is vulnerable to an authentication issue due to improper validation of email addresses during the signup process. Specifically, the server fails to treat email addresses as case insen...

CWE-8212024

CVE-2023-5088

HIGH
CVSS:7.0(High)

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, for...

CWE-8212023

CVE-2024-6657

MEDIUM
CVSS:6.5(Medium)

A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and disconnect to the peripheral. A hard reset is required to recove...

CWE-8212024

CVE-2024-5755

MEDIUM
CVSS:5.3(Medium)

In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This allows the creation of multiple accounts with essentially the ...

CWE-8212024

CVE-2024-58133

MEDIUM
CVSS:4.0(Medium)

In chainmaker-go (aka ChainMaker) before 2.4.0, when making frequent updates to a node's configuration file and restarting this node, concurrent writes by logger.go to a map are mishandled. Creating o...

CWE-8212024

CVE-2024-58132

MEDIUM
CVSS:4.0(Medium)

In chainmaker-go (aka ChainMaker) before 2.3.6, multiple updates to a single node's configuration can cause other normal nodes to perform concurrent read and write operations on a map, leading to a pa...

CWE-8212024

CVE-2024-58131

LOW
CVSS:3.7(Low)

FISCO BCOS 3.11.0 has an issue with synchronization of the transaction pool that can, for example, be observed when a malicious node (that has modified the codebase to allow a large min_seal_time valu...

CWE-8212024

CVE-2024-4278

LOW
CVSS:2.7(Low)

An information disclosure issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. A maintainer could...

CWE-8212024