CWE-703
150 CVEs classified under CWE-703. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-13026 | Critical | 9.8 | 2025-11-11 | Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. |
CVE-2025-13023 | Critical | 9.8 | 2025-11-11 | Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. |
CVE-2025-13022 | Critical | 9.8 | 2025-11-11 | Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. |
CVE-2025-13021 | Critical | 9.8 | 2025-11-11 | Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. |
CVE-2024-21894 | Critical | 9.8 | 2024-04-04 | A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send… |
CVE-2021-3329 | Critical | 9.6 | 2023-02-26 | Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack |
CVE-2023-0397 | Critical | 9.6 | 2023-01-19 | A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete. |
CVE-2024-39815 | Critical | 9.1 | 2024-08-12 | Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software ver… |
CVE-2023-45927 | Critical | 9.1 | 2024-03-27 | S-Lang 2.3.2 was discovered to contain an arithmetic exception via the function tt_sprintf(). |
CVE-2021-23859 | Critical | 9.1 | 2021-12-08 | An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation t… |
CVE-2019-5031 | High | 8.8 | 2019-10-02 | An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.4.1.16828. A specially crafted P… |
CVE-2026-0011 | High | 8.4 | 2026-03-02 | In enableSystemPackageLPw of Settings.java, there is a possible way to prevent location access from working due to a logic error in the code. This could lead t… |
CVE-2024-21525 | High | 8.3 | 2024-07-10 | All versions of the package node-twain are vulnerable to Improper Check or Handling of Exceptional Conditions due to the length of the source data not being ch… |
CVE-2024-22053 | High | 8.2 | 2024-04-04 | A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send… |
CVE-2024-10781 | High | 8.1 | 2024-11-26 | The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an missing empty… |
CVE-2024-4611 | High | 8.1 | 2024-05-29 | The AppPresser plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'decrypt_value' and on the 'doCookieAuth' functions… |
CVE-2018-12551 | High | 8.1 | 2019-03-27 | When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use a password file for authentication, any malformed data in the password file will b… |
CVE-2024-27832 | High | 7.8 | 2024-06-10 | The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app… |
CVE-2018-5463 | High | 7.8 | 2018-04-09 | A structured exception handler overflow vulnerability in Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA 4.1.0.3391 and earlier may… |
CVE-2022-20924 | High | 7.7 | 2022-11-15 | A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense… |