Description
The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
CVE vulnerabilities with CWE-424 (32)
10.0
CVSS
CRITICAL
CVE-2025-48827
pub. 2025-05-27
9.3
CVSS
CRITICAL
CVE-2023-52952
pub. 2024-10-08
9.0
CVSS
CRITICAL
CVE-2025-48828
pub. 2025-05-27
9.0
CVSS
CRITICAL
CVE-2024-58136
pub. 2025-04-10🚩 CISA KEV⚡ EXPLOIT
8.7
CVSS
HIGH
CVE-2024-8781
pub. 2024-11-18
8.4
CVSS
HIGH
CVE-2024-3459
pub. 2024-05-14
8.2
CVSS
HIGH
CVE-2025-68939
pub. 2025-12-26
7.4
CVSS
HIGH
CVE-2024-3460
pub. 2024-05-14
7.3
CVSS
HIGH
CVE-2026-0237
pub. 2026-05-13
7.1
CVSS
HIGH
CVE-2025-6250
pub. 2025-07-28
7.1
CVSS
HIGH
CVE-2023-5165
pub. 2023-09-25
7.1
CVSS
HIGH
CVE-2023-0629
pub. 2023-03-13
7.1
CVSS
HIGH
CVE-2019-18996
pub. 2019-12-18
6.8
CVSS
MEDIUM
CVE-2026-4270
pub. 2026-03-16
6.8
CVSS
MEDIUM
CVE-2022-1742
pub. 2022-06-24
6.7
CVSS
MEDIUM
CVE-2025-49163
pub. 2025-06-03
6.7
CVSS
MEDIUM
CVE-2023-20272
pub. 2023-11-21
6.7
CVSS
MEDIUM
CVE-2023-46176
pub. 2023-11-03
6.5
CVSS
MEDIUM
CVE-2024-8311
pub. 2024-09-12
6.5
CVSS
MEDIUM
CVE-2021-3793
pub. 2021-11-12
Showing 20 of 32 vulnerabilities