CWE-687

3 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-687page 1 of 1

CVE-2024-36985HIGHCVSS 8.8EG 8.8
2024-07-01
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver“…
CVE-2024-49603MEDIUMCVSS 4.3EG 4.3
2024-12-09
Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.
CVE-2025-22620MEDIUMCVSS 5.0EG 5.0
2025-01-20
gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies i…

Map vulnerabilities like CWE-687 to your infrastructure

EchelonGraph correlates every CVE — across CWE-687 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →