CWE-187 · Partial String Comparison
8 CVEs classified under CWE-187 (Partial String Comparison). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-35031 | Critical | 10.0 | 2026-04-14 | Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the subtitle upload endpoint (POST /Videos/{ite… |
CVE-2024-41110 | Critical | 10.0 | 2024-07-24 | Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine… |
CVE-2022-31802 | Critical | 9.8 | 2022-06-24 | In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. A… |
CVE-2024-39742 | High | 8.1 | 2024-07-08 | IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication under certain configurations due to a partial string comparison vu… |
CVE-2026-34785 | High | 7.5 | 2026-04-02 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a request should be served as a stati… |
CVE-2026-44837 | Medium | 5.9 | 2026-05-26 | view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoi… |
CVE-2025-23384 | Low | 3.7 | 2025-03-11 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2D… |
CVE-2026-30874 | | 2026-03-19 | OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplug_call function allows an at… |