CWE-754
Medium likelihoodImproper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
588 vulnerabilities with CWE-754
CVE-2023-46765
HIGH
Huawei EMUI and HarmonyOS - Denial of Service in NFC Module
CVSS 7.5
CVE-2023-5967
MEDIUM
Mattermost < 7.8.11, 7.8.12, 8.0.0-8.0.4 - Denial of Service via Missing User Agent Header
CVSS 4.3
CVE-2023-5678
MEDIUM
OpenSSL 1.0.2-1.0.2zj, 1.1.1-1.1.1x, 3.0.0-3.0.13, 3.1.0-3.1.5 - DoS via Excessive X9.42 DH Key Length
CVSS 5.3
CVE-2023-45812
HIGH
Apollo Router 1.31.0-1.32.0 - Denial of Service via Multi-Part Response Handling
CVSS 7.5
CVE-2023-44199
HIGH
Juniper Junos OS on MX Series - Unauthenticated Denial of Service via PTP Routing Protocol Churn
CVSS 7.5
CVE-2023-44198
MEDIUM
Juniper Junos OS 20.4-22.3 - Unauthenticated SIP Packet Integrity Impact via Malformed SIP Packet
CVSS 5.8
CVE-2023-44196
MEDIUM
Juniper Junos OS Evolved MPLS Packet Handling Unauthenticated Integrity Impact
CVSS 6.5
CVE-2023-41304
MEDIUM
HarmonyOS - Parameter Verification Vulnerability in Window Module
CVSS 5.3
CVE-2023-30591
HIGH
NodeBB <= 2.8.10 - Unauthenticated Denial of Service via Crafted Socket.IO Messages
CVSS 7.5
CVE-2023-41993
HIGH
KEV
iPadOS < 17.0.1 - Remote Code Execution via Web Content Processing
CVSS 8.8
CVE-2023-41992
HIGH
KEV
iPadOS < 16.7 - Local Privilege Escalation
CVSS 7.8
CVE-2023-4828
MEDIUM
Proofpoint Insider Threat Management < 7.14.3.69 - Authenticated Configuration Tampering via Agent Credential Abuse
CVSS 6.4
CVE-2023-4583
HIGH
Firefox < 117 and Firefox ESR < 115.2 - Use-After-Free in HttpBaseChannel
CVSS 7.5
CVE-2023-29198
MEDIUM
Electron - Context Isolation Bypass
CVSS 6.0
CVE-2023-38283
MEDIUM
OpenBGPD < 8.1 - Denial of Service via BGP Path Attribute Length Handling
CVSS 5.3
CVE-2023-21230
MEDIUM
Android - Local Information Disclosure via WiFi Access Point Broadcast
CVSS 5.5
CVE-2023-21405
MEDIUM
Axis Network Door Controllers/Intercoms - DoS
CVSS 6.5
CVE-2023-37899
HIGH
Feathersjs < 4.5.18 - Denial of Service via Invalid String Conversion in Socket Handler
CVSS 7.5
CVE-2023-36835
HIGH
Juniper Junos OS on QFX10000 - Denial of Service via VXLAN Tunnel Packet Handling
CVSS 7.5
CVE-2023-21246
LOW
Android - Local Privilege Escalation via ShortcutInfo Exception Handling
CVSS 3.3
CVE-2023-38069
LOW
JetBrains IntelliJ IDEA < 2023.1.4 - License Dialog Suppression
CVSS 3.3
CVE-2023-37303
CRITICAL
MediaWiki < 1.39.3 - Denial of Service via CheckUser Extension Block Attempt
CVSS 9.8
CVE-2023-34099
MEDIUM
Shopware 5.1.4-5.7.17 - Account Hijacking via Email Address Normalization Bypass
CVSS 5.3
CVE-2023-35849
HIGH
VirtualSquare picoTCP < 2.1 - Denial of Service via Improper Header Size Check
CVSS 7.5
CVE-2023-34733
MEDIUM
Volkswagen Discover Media Infotainment System 0876 - Denial of Service via Crafted USB Media Files
CVSS 6.8
Details
Vulnerabilities
588
Exploit Likelihood
Medium