Weaknesses of type CWE-693
558 resultsCVE-2023-25945MEDIUMProtection mechanism failure in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escaEPSS 0.2%CVE-2025-48571MEDIUMIn multiple functions of btm_sec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. ThiEPSS 0.2%CVE-2025-24523MEDIUMProtection mechanism failure for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an auEPSS 0.2%CVE-2024-36287LOWBypass of TCC restrictions on macOSEPSS 0.2%CVE-2026-5276MEDIUMInsufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitiveEPSS 0.2%CVE-2023-42938HIGHA logic issue was addressed with improved checks. This issue is fixed in iTunes 12.13.1 for Windows. A local attacker may be able to elevateEPSS 0.2%CVE-2026-7909LOWInappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the rendEPSS 0.2%CVE-2026-11292MEDIUMInsufficient policy enforcement in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policyEPSS 0.2%CVE-2025-46281HIGHA logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2. An app may be able to break out of its sandbox.EPSS 0.2%CVE-2023-25080MEDIUMProtection mechanism failure in some Intel(R) Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated uEPSS 0.2%CVE-2026-53845LOWOpenClaw < 2026.5.6 - Skill-Command Dispatch Hook Bypass via Before-Tool-Call Hook SkippingEPSS 0.2%CVE-2026-40311MEDIUMImageMagick: Heap-use-after-free via XMP profile could result in a crash when printing valuesEPSS 0.2%CVE-2025-31224HIGHA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An aEPSS 0.2%CVE-2025-58406MEDIUMLack of HTTP Response HeadersEPSS 0.2%CVE-2026-11264MEDIUMPolicy bypass in Content Security Policy in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policyEPSS 0.2%CVE-2026-11260MEDIUMInappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security polEPSS 0.2%CVE-2026-8563MEDIUMInsufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass naEPSS 0.2%CVE-2026-49316MEDIUMIndian Scout Bobber 2025 WCM CAN bus-off attack silently bypasses anti-theft shutdownEPSS 0.2%CVE-2021-33081HIGHProtection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disEPSS 0.2%CVE-2026-8583MEDIUMInsufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised tEPSS 0.2%