CWE-694
9 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-694page 1 of 1
- CVE-2020-15185LOWCVSS 2.2EG 2.22020-09-17
In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad ch…
- CVE-2020-15187LOWCVSS 3.0EG 3.02020-09-17
In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's insta…
- CVE-2021-3436MEDIUMCVSS 4.3EG 4.32021-10-05
BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions >= 1.14.2, >= 2.4.0, >= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). …
- CVE-2022-23721LOWCVSS 3.8EG 3.82023-04-25
PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can lead to a username collision when two people with the same username are provisioned onto the same machine at different times.
- CVE-2023-20100MEDIUMCVSS 6.8EG 6.82023-03-23
A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attack…
- CVE-2024-41146MEDIUMCVSS 4.6EG 4.62024-12-12
Use of Multiple Resources with Duplicate Identifier (CWE-694) in the Controller 6000 and Controller 7000 Platforms could allow an attacker with physical access to HBUS communication cabling to perform a Denial-of-Service attack against HBU…
- CVE-2025-13609HIGHCVSS 8.2EG 8.22025-11-24
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action…
- CVE-2025-59048HIGHCVSS 8.1EG 8.12025-10-23
OpenBao's AWS Plugin generates AWS access credentials based on IAM policies. Prior to version 0.1.1, the AWS Plugin is vulnerable to cross-account IAM role Impersonation in the AWS auth method. The vulnerability allows an IAM role from an …
- CVE-2026-5794MEDIUMCVSS 4.9EG 4.92026-04-28
A vulnerability affecting the detailed versions of Cryptobox allows a legitimate user to prevent another to login by triggering an account lockout via sending a specially crafted request.
Map vulnerabilities like CWE-694 to your infrastructure
EchelonGraph correlates every CVE — across CWE-694 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →