CWE-358: CWE-358

This vulnerability allows attackers to bypass disabled Identity Provider (IdP) checks in Keycloak's JWT authorization grant flow. An attacker with a d...

This vulnerability in Zoom for Windows allows a malicious user to manipulate protected memory buffers, potentially compromising the integrity of the Z...

This is a macOS kernel privilege escalation vulnerability that allows a malicious application to execute arbitrary code with kernel-level privileges. ...

This vulnerability in Weave Desktop v7.78.10 allows a local attacker to execute arbitrary code by exploiting the nwjs framework component with a craft...

This vulnerability allows attackers to bypass Content Security Policy (CSP) protections in Whale browser by exploiting a specific scheme in dual-tab e...

CVE-2025-59147 is a detection bypass vulnerability in Suricata where crafted traffic with multiple SYN packets containing different sequence numbers w...

This vulnerability in iOS/iPadOS prevents devices from properly locking, allowing unauthorized physical access to unlocked devices. It affects users o...

This vulnerability involves improper security checks in a call module, allowing attackers to bypass intended restrictions. Successful exploitation cou...

This vulnerability in Intel Xeon 6 processors allows a privileged user to bypass security checks in DDRIO configuration when using Intel SGX or TDX te...

This CVE describes a stack-based buffer overflow vulnerability in FortiSandbox's profile parser that allows authenticated attackers to execute arbitra...

This vulnerability in Google Chrome allows attackers to bypass navigation restrictions through a crafted HTML page, potentially redirecting users to m...

A content sniffing vulnerability in Yokogawa's FAST/TOOLS software allows attackers to execute malicious scripts by exploiting unspecified MIME types....

This vulnerability in Yokogawa FAST/TOOLS involves insecure response header settings that could allow attackers to redirect users to malicious website...

This vulnerability involves improper security checks in Huawei's card module, allowing attackers to potentially disrupt system availability. It affect...

This vulnerability allows remote unauthenticated attackers to bypass DNS filtering protections on Fortinet devices when Apple devices are used. It aff...

A permissions bypass vulnerability in macOS allows USB accessories connected during boot to circumvent USB Restricted Mode security controls. This aff...

This vulnerability affects Fortinet's antivirus engine in FortiOS and FortiClient, causing delayed detection of malicious files within malformed RAR a...

IBM WebSphere Application Server versions 9.0 and 8.5 have a security weakness in system administration security settings that could allow attackers t...

This vulnerability in BullWall Ransomware Containment allows authenticated attackers to bypass detection by encrypting a single file when detection th...

This vulnerability allows attackers to spoof BLE connection responses to devices running vulnerable Zephyr RTOS versions. By sending unsolicited conne...

This CVE describes an injection vulnerability in Fortinet's SSL-VPN web user interface that could allow remote unauthenticated attackers to perform ph...

This vulnerability in Google Chrome's FedCM (Federated Credential Management) implementation allows attackers to spoof UI elements through specific us...

HCL Unica Platform has a misconfigured Content Security Policy (CSP) that could allow attackers to load malicious resources in users' browsers. This c...

FAST/TOOLS industrial control system software lacks HSTS configuration, allowing attackers to perform MITM attacks and intercept web communications. T...