CWE-754

Exploit likelihood: Medium

Improper Check for Unusual or Exceptional Conditions

Parent: CWE-703 - Improper Check or Handling of Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day-to-day operation of the product.

588 vulnerabilities with CWE-754
CVE-2025-20201 MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 6.7
CVE-2025-20200 MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 6.7
CVE-2025-20198 MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 4.6
CVE-2025-43715 HIGH
Nullsoft Scriptable Install System < 3.11 - Local Privilege Escalation via Temporary Plugins Directory Race Condition
CVSS 8.1
CVE-2025-32997 MEDIUM
http-proxy-middleware < 2.0.9 and 3.x < 3.0.5 - Request Body Processing After Parser Failure
CVSS 4.0
CVE-2025-0129 CRITICAL
Palo Alto Networks Prisma Access Browser - Privilege Escalation
CVE-2025-0128 HIGH
Palo Alto Networks PAN-OS Unauthenticated DoS via SCEP Authentication
CVE-2025-30660 HIGH
Juniper Junos DoS via GRE Traffic (Multiple Versions)
CVSS 7.5
CVE-2025-30655 MEDIUM
Juniper Junos OS and Junos OS Evolved - Denial of Service via 'show bgp neighbor' CLI Command
CVSS 5.5
CVE-2025-21597 MEDIUM
Juniper Junos OS and Junos OS Evolved - Unauthenticated Denial of Service via BGP Peer Flap Timing
CVSS 5.3
CVE-2025-21594 HIGH
Juniper Junos OS on MX Series - Denial of Service via Crafted IPv6 Traffic in DS-Lite NAT Scenario
CVSS 7.5
CVE-2025-3359 MEDIUM
GNUPlot - Memory Corruption
CVSS 6.2
CVE-2025-32051 MEDIUM
Red Hat Enterprise Linux - Denial of Service via Malformed Data URI in libsoup
CVSS 5.9
CVE-2025-2704 HIGH
OpenVPN 2.6.1-2.6.13 - Denial of Service via TLS-crypt-v2 Handshake Packet Replay
CVSS 7.5
CVE-2025-30258 LOW
GnuPG < 2.4.8 - Denial of Service via Crafted Subkey Certificate Import
CVSS 2.7
CVE-2025-0116 MEDIUM
PAN-OS 10.1.0-10.1.14-h11, 10.2.0-10.2.14, 11.1.0-11.1.8, 11.2.0-11.2.5 - DoS via Crafted LLDP Frame
CVE-2025-0112 MEDIUM
Palo Alto Networks Cortex XDR - Privilege Escalation
CVE-2025-0503 LOW
Mattermost <9.11.7 - Info Disclosure
CVSS 3.1
CVE-2025-20637 HIGH
MediaTek Software Development Kit < 7.6.7.0 - Remote Denial of Service via Uncaught Exception
CVSS 7.5
CVE-2025-24161 MEDIUM
iPadOS < 17.7.4 - Denial of Service via File Parsing
CVSS 5.5
CVE-2025-23197 MEDIUM
matrix-hookshot 5.4.1 and 6.0.1 - Denial of Service via GitHub Organization Handling
CVSS 6.5
CVE-2025-22445 LOW
Mattermost 10.x <= 10.2 - Incorrect Security Configuration Reporting in UI
CVSS 3.5
CVE-2024-26008 MEDIUM
Fortinet Fortios < 7.2.8 - Improper Condition Check
CVSS 5.3
CVE-2024-52504 HIGH
SIPROTEC 4 - Unauthenticated Denial of Service via File Transfer Interruption
CVSS 7.5
CVE-2024-28036 MEDIUM
Intel(R) Arc GPU - Authenticated Denial of Service via Local Access
CVSS 5.6