CVEbaza.plSłownik CWECWE-687
Common Weakness Enumeration

CWE-687

Function Call With Incorrectly Specified Argument Value

Kategoria: VariantCVE: 3
Opis

Produkt wywołuje funkcję, procedurę lub rutynę, ale osoba wywołująca określa argument zawierający błędną wartość, co może prowadzić do powstania słabości w bezpieczeństwie. Ten błąd może powodować nieprawidłowe zachowanie programu lub jego podatność na ataki.

Description (EN)

The product calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which may lead to resultant weaknesses.

Podatności CVE z CWE-687 (3)
8.8
CVSS
HIGH
CVE-2024-36985

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver“ application.

pub. 2024-07-01
5.0
CVSS
MEDIUM
CVE-2025-22620

gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject to the umask. This causes files in a repository to be world-writable in some situations. This vulnerability is fixed in 0.17.0.

pub. 2025-01-20
4.3
CVSS
MEDIUM
CVE-2024-49603

Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.

pub. 2024-12-09
Informacje
ID: CWE-687
Typ: Variant
Podatności: 3
MITRE CWE ↗
← Słownik CWE