CWE-693: CWE-693
Yearly Trend
Top Affected Vendors
All CWE-693 CVEs (133)
This vulnerability in Intel CIP software allows local attackers to escalate privileges from unprivileged to privileged access. It affects systems runn...
Nov 11, 2025A protection mechanism failure in Microsoft Edge (Chromium-based) allows unauthorized attackers to execute arbitrary code over a network connection. T...
Oct 31, 2025This CVE describes a sandbox escape vulnerability in macOS where a sandboxed process can bypass security restrictions. It affects macOS systems before...
Jul 29, 2024This vulnerability in Android's DevicePolicyManagerService allows a local attacker to cause persistent denial of service through a logic error when ha...
Sep 4, 2025This vulnerability allows unauthenticated remote attackers to bypass HTTP file policies on affected Cisco devices by sending specially crafted HTTP pa...
Nov 15, 2024This vulnerability allows an unauthorized attacker to bypass a local security feature in Windows Remote Assistance. Attackers could potentially gain u...
Jan 13, 2026This vulnerability allows a malicious Android app to block emergency calls (911/112) under specific conditions due to a logic error. It affects Androi...
Sep 2, 2025This vulnerability allows attackers to create deceptive UI elements in Google Chrome through crafted HTML pages, tricking users into unintended action...
Nov 8, 2025This vulnerability allows authenticated low-privileged attackers to bypass authorization controls on REST API endpoints in Cisco Nexus Dashboard and N...
Aug 27, 2025This vulnerability allows attackers to bypass Windows Mark of the Web (MOTW) security protections over network connections. Attackers could trick user...
Apr 8, 2025This vulnerability allows unauthenticated attackers to manipulate events in TYPO3 websites using the events2 extension. Attackers can activate or dele...
Jun 21, 2024CVE-2025-67485 is a security bypass vulnerability in mad-proxy that allows attackers to circumvent HTTP/HTTPS traffic interception rules, potentially ...
Dec 10, 2025The WP Headless CMS Framework plugin for WordPress has an authentication bypass vulnerability that allows unauthenticated attackers to access restrict...
Nov 13, 2025This vulnerability allows a remote attacker to leak cross-origin data through Chrome DevTools due to insufficient policy enforcement. It affects users...
Nov 8, 2025The OOPSpam Anti-Spam WordPress plugin is vulnerable to IP header spoofing, allowing unauthenticated attackers to bypass IP-based security controls li...
Oct 31, 2025The WP Cerber Security plugin for WordPress versions up to 9.4 contains an IP protection bypass vulnerability. Attackers can circumvent IP blocking by...
Aug 31, 2024This CVE describes a Python sandbox escape vulnerability in Cisco NX-OS Software that allows authenticated local attackers with Python execution privi...
Aug 28, 2024This vulnerability allows authenticated local attackers with Python execution privileges on Cisco NX-OS devices to escape the Python sandbox and execu...
Aug 28, 2024This vulnerability allows an authorized attacker to bypass local security features in GitHub Copilot and Visual Studio Code by exploiting improper val...
Nov 11, 2025This vulnerability allows remote/synthetic users created through shared channels to receive email notifications and reset passwords using munged email...
Aug 22, 2024This vulnerability in HCL BigFix Remote Control Lite Web Portal allows attackers to bypass Content Security Policy restrictions and execute malicious ...
Dec 17, 2025Mattermost Desktop App versions up to 5.7.0 fail to properly prompt users for permission when opening external URLs, allowing attackers to force victi...
Jun 14, 2024This vulnerability in Intel Tiber Edge Platform's Edge Orchestrator software allows authenticated users with local access to potentially escalate priv...
May 13, 2025Mattermost mobile apps version 2.18.0 and earlier fail to disable autocomplete during password entry when visible password mode is selected. This allo...
Sep 16, 2024A local privilege escalation vulnerability in Avast Free Antivirus allows attackers with administrative privileges to disable real-time protection and...
Nov 11, 2025Mattermost Desktop App versions before 6.0.0 for macOS fail to enable Hardened Runtime when packaged for the Mac App Store, allowing attackers to bypa...
Dec 17, 2025Envoy proxy versions 1.33.12, 1.34.10, 1.35.6, 1.36.2 and earlier have a CONNECT tunnel desynchronization vulnerability when configured in TCP proxy m...
Dec 3, 2025HCL AION web applications are vulnerable due to missing standard security HTTP response headers. This allows attackers to more easily conduct common w...
Jan 19, 2026The Archer AXE75 V1 router may accept L2TP VPN connections without IPSec encryption even when IPSec is enabled, allowing unencrypted VPN sessions. Thi...
Feb 3, 2026Legality WHISTLEBLOWING software by DigitalPA fails to emit critical HTTP security headers by default, weakening browser-side defenses. This allows cl...
Dec 9, 2025A vulnerability in Anthropic Sandbox Runtime versions before 0.0.16 allows sandboxed processes to bypass network restrictions when the sandbox policy ...
Dec 4, 2025This vulnerability allows attackers to bypass Windows SmartScreen protection mechanisms when using ESTsoft ALZip on Windows systems. Attackers could t...
Dec 3, 2025CVE-2025-65100 is a vulnerability in Isar integration system where setting ISAR_APT_SNAPSHOT_DATE alone fails to properly configure security distribut...
Nov 19, 2025About CWE-693 (CWE-693)
Our database tracks 133 CVEs classified as CWE-693, with 23 rated critical and 63 rated high severity. The average CVSS score for CWE-693 vulnerabilities is 7.5.
External reference: View CWE-693 on MITRE CWE →
Monitor CWE-693 Vulnerabilities
Get alerted when new CWE-693 CVEs affect your infrastructure.
Start Monitoring Free