CWE-248

Uncaught Exception

Parent: CWE-705 - Incorrect Control Flow Scoping

An exception is thrown from a function, but it is not caught.

206 vulnerabilities with CWE-248
CVE-2025-29785 HIGH
quic-go 0.50.0 - Denial of Service via Path Probe Packet Handling
CVSS 7.5
CVE-2025-48943 MEDIUM
vLLM 0.8.0-0.8.9 - Denial of Service via Invalid Regex in Structured Output
CVSS 6.5
CVE-2025-48942 MEDIUM
vllm 0.8.0-0.9.0 - Denial of Service via Invalid JSON Schema in /v1/completions API
CVSS 6.5
CVE-2025-47944 HIGH
multer 1.4.4-lts.1-2.0.0 - Denial of Service via Malformed Multi-Part Upload Request
CVSS 7.5
CVE-2025-23166 HIGH
Node.js < 20.19.1, 22.0-22.14.9, 23.0-23.10.9, 24.0 - Denial of Service via SignTraits::DeriveBits Exception
CVSS 7.5
CVE-2025-20054 MEDIUM
Intel(R) Processors - Authenticated Denial of Service via Core Management Mechanism
CVSS 6.5
CVE-2025-3891 HIGH
Apache HTTP Server - Denial of Service via Empty POST Request with OIDCPreservePost Enabled
CVSS 7.5
CVE-2025-43855 HIGH
tRPC 11.0.0-11.1.1 - Unauthenticated Denial of Service via Invalid WebSocket ConnectionParams
CVE-2025-32944 MEDIUM
PeerTube < 7.1.1 - Authenticated Denial of Service via Archive Import Filename Handling
CVSS 6.5
CVE-2025-20664 HIGH
MediaTek Software Development Kit < 7.4.0.1 - Information Disclosure via Uncaught Exception in WLAN AP Driver
CVSS 7.5
CVE-2025-20663 HIGH
MediaTek Software Development Kit < 7.4.0.1 - Remote Information Disclosure via Uncaught Exception in WLAN AP Driver
CVSS 7.5
CVE-2025-3083 HIGH
MongoDB <5.0.31, <6.0.20, <7.0.16 - DoS
CVSS 7.5
CVE-2025-24836 HIGH
Qardio Heart Health iOS <2.7.4 & Android <2.5.1 - DoS via Bluetooth Command Flood
CVSS 7.1
CVE-2025-20097 MEDIUM
Intel Server M50FCP/D50DNP < R01.02.0002 - DoS via OpenBMC Uncaught Exception
CVSS 4.3
CVE-2025-0158 MEDIUM
IBM EntireX 11.1 - Denial of Service via Unhandled Error
CVSS 5.5
CVE-2025-20176 HIGH
Cisco IOS - Authenticated Denial of Service via SNMP Request Parsing
CVSS 7.7
CVE-2025-20173 HIGH
Cisco IOS Software - Cisco IOS XE Software - DoS
CVSS 7.7
CVE-2025-20172 HIGH
Cisco IOS - Authenticated Denial of Service via SNMP Request Parsing
CVSS 7.7
CVE-2025-20171 HIGH
Cisco IOS Software - Cisco IOS XE Software - DoS
CVSS 7.7
CVE-2025-20637 HIGH
MediaTek Software Development Kit < 7.6.7.0 - Remote Denial of Service via Uncaught Exception
CVSS 7.5
CVE-2025-24883 HIGH
go-ethereum 1.14.0-1.14.12 - Denial of Service via Crafted Message
CVE-2025-0648 MEDIUM
M-Files Server <25.1.14445.5, <24.8 LTS SR3 - DoS
CVSS 4.9
CVE-2024-52903 MEDIUM
IBM Db2 12.1.0-12.1.1 - Denial of Service via Crafted Query
CVSS 5.3
CVE-2024-49705 MEDIUM
SoftCOM iKSORIS < 79.0 - Denial of Service via Unhandled Session Cookie Parameter
CVSS 6.5
CVE-2024-58112 HIGH
HarmonyOS - Denial of Service in ArkUI SVG Parsing Module
CVSS 7.5
Details
Vulnerabilities 206
Links
MITRE CWE Entry Search this CWE With Exploits