CWE-391
24 CVEs classified under CWE-391. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-71325 | Critical | 9.8 | 2026-06-17 | picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOBAL opcodes, failing to track arguments in the cor… |
CVE-2024-52316 | Critical | 9.8 | 2024-11-18 | Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext co… |
CVE-2017-12187 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbi… |
CVE-2017-12186 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute… |
CVE-2017-12185 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly ex… |
CVE-2017-12184 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute ar… |
CVE-2017-12183 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbi… |
CVE-2017-12182 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute… |
CVE-2017-12181 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute… |
CVE-2017-12180 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly exec… |
CVE-2017-12179 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to c… |
CVE-2017-12178 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly… |
CVE-2017-12177 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or pos… |
CVE-2017-12176 | Critical | 9.8 | 2018-01-24 | xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or… |
CVE-2016-10526 | High | 8.6 | 2018-05-31 | A common setup to deploy to gh-pages on every commit via a CI system is to expose a github token to ENV and to use it directly in the auth part of the url. In… |
CVE-2019-14853 | High | 7.5 | 2019-11-26 | An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (… |
CVE-2017-7496 | High | 7.0 | 2017-06-26 | fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation fai… |
CVE-2022-22160 | Medium | 6.5 | 2022-01-19 | An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker… |
CVE-2020-14383 | Medium | 6.5 | 2020-12-02 | A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols othe… |
CVE-2022-20849 | Medium | 6.1 | 2024-11-15 | A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attac… |