CWE-670 · Always-Incorrect Control Flow Implementation
140 CVEs classified under CWE-670 (Always-Incorrect Control Flow Implementation).
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-43359 | Critical | 9.8 | 2025-09-15 | A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS So… |
| CVE-2022-25745 | Critical | 9.8 | 2023-04-13 | Memory corruption in modem due to improper input validation while handling the incoming CoAP message |
| CVE-2020-1914 | Critical | 9.8 | 2020-10-08 | A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attack… |
| CVE-2020-17466 | Critical | 9.8 | 2020-08-11 | Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302 Redirect responses. |
| CVE-2019-17192 | Critical | 9.8 | 2019-10-05 | The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to… |
| CVE-2026-55276 | Critical | 9.1 | 2026-06-29 | Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when… |
| CVE-2025-29312 | Critical | 9.1 | 2025-03-24 | An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect t… |
| CVE-2024-32971 | Critical | 9.0 | 2024-05-02 | Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Rout… |
| CVE-2023-31211 | High | 8.8 | 2024-01-12 | Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials |
| CVE-2023-20558 | High | 8.8 | 2023-04-02 | Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of pr… |
| CVE-2018-16766 | High | 8.8 | 2018-09-10 | In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecifi… |
| CVE-2021-41153 | High | 8.7 | 2021-10-18 | The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31.0`, `JUMPI` opcode's condition is checked after the destination… |
| CVE-2024-20480 | High | 8.6 | 2024-09-25 | A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated… |
| CVE-2022-2993 | High | 8.6 | 2022-12-09 | There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet. |
| CVE-2025-49091 | High | 8.2 | 2025-06-11 | KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet://… |
| CVE-2024-52811 | High | 8.2 | 2024-11-25 | The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a… |
| CVE-2023-1668 | High | 8.2 | 2023-04-10 | A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP hea… |
| CVE-2022-29255 | High | 8.2 | 2022-06-09 | Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions prior to 0.3.4 when calling an external contract with no return val… |
| CVE-2026-7656 | High | 8.1 | 2026-06-29 | The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expression that… |
| CVE-2026-40960 | High | 8.1 | 2026-04-16 | Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trusted_mods or secure.http_mods… |