CWE-449
14 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-449page 1 of 1
- CVE-2023-36535HIGHCVSS 7.1EG 7.12023-08-08
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
- CVE-2023-39209MEDIUMCVSS 5.9EG 5.92023-08-08
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access.
- CVE-2023-39215HIGHCVSS 7.1EG 7.12023-09-12
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.
- CVE-2023-43585HIGHCVSS 7.1EG 7.12023-12-13
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.
- CVE-2023-43588LOWCVSS 3.5EG 3.52023-11-15
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
- CVE-2024-24698MEDIUMCVSS 4.9EG 4.92024-02-14
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access.
- CVE-2024-38083MEDIUMCVSS 4.3EG 4.32024-06-13
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- CVE-2024-43577MEDIUMCVSS 4.3EG 4.32024-10-18
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- CVE-2024-49041MEDIUMCVSS 4.3EG 4.32024-12-06
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- CVE-2025-13637MEDIUMCVSS 4.3EG 5.32025-12-02
Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass download protections via a crafted HTML page. (Chromium security s…
- CVE-2025-21404MEDIUMCVSS 4.3EG 4.32025-02-06
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- CVE-2025-26643MEDIUMCVSS 5.4EG 5.42025-03-07
The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
- CVE-2025-49736MEDIUMCVSS 4.3EG 4.32025-08-12
The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.
- CVE-2025-56139MEDIUMCVSS 5.3EG 5.32025-09-03
LinkedIn Mobile Application for Android version 4.1.1087.2 fails to update link preview metadata (image, title, description) when a user replaces the original URL in a post or comment before publishing. As a result, the stale preview remai…
Map vulnerabilities like CWE-449 to your infrastructure
EchelonGraph correlates every CVE — across CWE-449 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →