CWE-754

Medium likelihood

Improper Check for Unusual or Exceptional Conditions

Parent: CWE-703 - Improper Check or Handling of Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

588 vulnerabilities with CWE-754
CVE-2022-24323 MEDIUM
EcoStruxure Control Expert <15.0 & Process Expert <2021 - DoS via Modbus Response
CVSS 5.3
CVE-2022-24321 HIGH
ClearSCADA, EcoStruxure Geo SCADA Expert - DoS
CVSS 7.5
CVE-2022-23593 MEDIUM
TensorFlow 2.7.0-2.8.0 - Denial of Service via Scalar Shape Handling in simplifyBroadcast
CVSS 5.9
CVE-2022-23590 MEDIUM
TensorFlow < 2.7.1 - Denial of Service via Malicious GraphDef in SavedModel
CVSS 5.9
CVE-2022-23572 MEDIUM
TensorFlow < 2.5.2 - Denial of Service via Shape Inference Type Specialization Failure
CVSS 6.5
CVE-2022-21737 MEDIUM
TensorFlow < 2.5.3 - Denial of Service via Bincount Operation CHECK Failure
CVSS 6.5
CVE-2022-22180 HIGH
Juniper Junos OS - Denial of Service via IPv6 Packet Processing
CVSS 7.5
CVE-2022-22171 HIGH
Juniper Junos OS 19.4-21.3 - Unauthenticated Denial of Service via VXLAN Packet Handling
CVSS 7.5
CVE-2022-21676 HIGH
Engine.IO 4.0.0-4.1.1, 5.0.0-5.2.0, 6.0.0-6.1.0 - Denial of Service via Crafted HTTP Request
CVSS 7.5
CVE-2021-47227 MEDIUM
Linux Kernel 5.8-5.10.46 - State Corruption via FPU Restore Signal Handling
CVSS 5.5
CVE-2021-47014 HIGH
Linux Kernel 5.8-5.12.3 - Memory Corruption via act_ct Fragment Handling
CVSS 7.8
CVE-2021-47007 MEDIUM
Linux Kernel 5.8-5.10.37 5.11.21 5.12.4 - Denial of Service via F2FS Resize Filesystem
CVSS 5.5
CVE-2021-46934 LOW
Linux Kernel 4.15-4.19.223 - Denial of Service via Invalid I2C Compat IOCTL User Data
CVSS 3.3
CVE-2021-46909 MEDIUM
Linux kernel 4.13.0-4.14.232 - Denial of Service via PCI Interrupt Mapping
CVSS 5.5
CVE-2021-32846 HIGH
HyperKit 0.20210107 - Memory Corruption
CVSS 7.7
CVE-2021-44856 MEDIUM
MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - AbuseFilter Bypass via Special:ChangeContentModel
CVSS 5.3
CVE-2021-35108 MEDIUM
Snapdragon Connectivity - Privilege Escalation
CVSS 6.8
CVE-2021-42020 HIGH
Siemens RUGGEDCOM ROS - Denial of Service via TFTP Null Termination Check Bypass
CVSS 7.5
CVE-2021-3560 HIGH KEV
polkit < 0.119 - Unauthenticated Privilege Escalation via D-Bus Request
CVSS 7.8
CVE-2021-33147 MEDIUM
Intel(R) IPP Crypto <2021.2 - Info Disclosure
CVSS 5.5
CVE-2021-33139 MEDIUM
Intel(R) Wireless Bluetooth(R)/Killer(TM) Bluetooth(R) <22.100 - DoS
CVSS 5.7
CVE-2021-22285 HIGH
ABB SPIET800 and PNI800 Firmware - Denial of Service via Improper Exception Handling
CVSS 7.5
CVE-2021-22816 HIGH
Schneider Electric SCADAPack E-Series Firmware < 8.19.1 - Denial of Service via Crafted Modbus Request
CVSS 7.5
CVE-2021-37862 LOW
Mattermost < 6.0 - Email Address Spoofing via Crafted Invitation Token
CVSS 3.7
CVE-2021-43801 HIGH
Mercurius 8.10.0-8.11.1 - Denial of Service via Malformed JSON to GraphQL Endpoint
CVSS 7.5
Details
Vulnerabilities 588
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits