CWE-754

Medium likelihood

Improper Check for Unusual or Exceptional Conditions

Parent: CWE-703 - Improper Check or Handling of Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

588 vulnerabilities with CWE-754
CVE-2021-25525 LOW
Samsung Pay < 4.0.65 - Unauthenticated NFC Access via Exception Handling Issue
CVSS 2.0
CVE-2021-41135 MEDIUM
Cosmos-SDK 0.43.0-0.44.2 - Consensus Halt via Non-Deterministic Grant Expiration Validation
CVSS 6.5
CVE-2021-31364 MEDIUM
Juniper Junos OS SRX300/SRX500/SRX1500/SRX5000 with SPC2 < 20.4R2 - Unauthenticated DoS via Flow Daemon Race Condition
CVSS 5.9
CVE-2021-31361 MEDIUM
Juniper Junos OS on QFX and PTX Series - Unauthenticated Denial of Service via VXLAN Encapsulated IP Packets
CVSS 5.3
CVE-2021-31351 HIGH
Juniper Junos OS - Denial of Service via MS-MPC/MS-MIC Packet Processing
CVSS 7.5
CVE-2021-25481 MEDIUM
Exynos CP <SMR Oct-2021 Release 1 - Privilege Escalation
CVSS 6.4
CVE-2021-39162 HIGH
Envoy < 1.18.4 and Pomerium < 0.15.1 - Denial of Service via H/2 GOAWAY and SETTINGS Frame
CVSS 8.6
CVE-2021-39196 HIGH
pcapture < 3.12 - Authenticated Unauthorized Packet Capture via REST API
CVSS 7.7
CVE-2021-40523 HIGH
Contiki 3.0 - Denial of Service via Telnet Option Negotiation Buffer Exhaustion
CVSS 7.5
CVE-2021-33605 MEDIUM
com.vaadin:vaadin-checkbox-flow <2.0.0 - RCE
CVSS 4.3
CVE-2021-32780 HIGH
Envoy 1.18.0-1.18.3 - Denial of Service via H/2 GOAWAY and SETTINGS Frame Sequence
CVSS 8.6
CVE-2021-0408 MEDIUM
Android - Out-of-bounds Read in ASF Extractor
CVSS 5.5
CVE-2021-38599 HIGH
wal-g < 1.1 - Unintended Cleartext Backup Upload in Non-LibSodium Builds
CVSS 7.5
CVE-2021-0002 HIGH
Intel Ethernet Controller E810 Firmware < 1.4.11 - Authenticated Denial of Service via Local Access
CVSS 7.1
CVE-2021-21563 MEDIUM
Dell EMC PowerScale OneFS 8.1.2-9.1.0.x - Authenticated Denial of Service in Auditing Component
CVSS 6.5
CVE-2021-22447 HIGH
Huawei Smartphone - Info Disclosure
CVSS 7.5
CVE-2021-0288 MEDIUM
Juniper Junos OS MX/EX9200 DoS via MPLS Packet Processing
CVSS 6.5
CVE-2021-0287 MEDIUM
Juniper Networks Junos OS <19.4R1-S4 - DoS
CVSS 6.5
CVE-2021-0286 HIGH
Juniper Networks Junos OS Evolved - DoS
CVSS 7.5
CVE-2021-0282 HIGH
Juniper Junos OS - Denial of Service via BGP UPDATE with Multipath or Add-Path
CVSS 7.5
CVE-2021-0281 MEDIUM
Juniper Networks Junos OS <17.3R3-S12, <17.4 - DoS
CVSS 5.9
CVE-2021-26038 HIGH
Joomla! 2.5.0-3.9.27 - Privilege Escalation via com_installer Install Action
CVSS 7.5
CVE-2021-32946 HIGH
Drawings SDK <2022.4 - DoS/Code Injection
CVSS 7.8
CVE-2021-33622 CRITICAL
Sylabs Singularity <3.5-8 - Memory Corruption
CVSS 9.8
CVE-2021-21439 MEDIUM
OTRS 6.0.1-6.0.29 and 7.0.0-7.0.26 - Denial of Service via Malicious Email URL
CVSS 6.5
Details
Vulnerabilities 588
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits