CWE-754 · Improper Check for Unusual or Exceptional Conditions

589 CVEs classified under CWE-754 (Improper Check for Unusual or Exceptional Conditions). Browse by severity and year.

Top CVEs for CWE-754
| CVE | Severity | Score | Published | Summary |
| --- | --- | --- | --- | --- |
| CVE-2026-4689 | Critical | 10.0 | 2026-03-24 | Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34… |
| CVE-2026-24054 | Critical | 10.0 | 2026-01-29 | Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions… |
| CVE-2021-0211 | Critical | 10.0 | 2021-01-15 | An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attac… |
| CVE-2026-8091 | Critical | 9.8 | 2026-05-07 | Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thund… |
| CVE-2024-52316 | Critical | 9.8 | 2024-11-18 | Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext co… |
| CVE-2024-7826 | Critical | 9.8 | 2024-10-03 | Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrURL.Dll modules) a… |
| CVE-2024-3729 | Critical | 9.8 | 2024-05-02 | The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'fea_encrypt' function in all ver… |
| CVE-2023-37303 | Critical | 9.8 | 2023-06-30 | An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In certain situations, an attempt to block a user fails after a temporary brow… |
| CVE-2017-20166 | Critical | 9.8 | 2023-01-10 | Ecto 2.2.0 lacks a certain protection mechanism associated with the interaction between is_nil and raise. |
| CVE-2022-20130 | Critical | 9.8 | 2022-06-15 | In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code executi… |
| CVE-2021-33622 | Critical | 9.8 | 2021-06-15 | Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value. |
| CVE-2020-28037 | Critical | 9.8 | 2020-11-02 | is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an att… |
| CVE-2020-8986 | Critical | 9.8 | 2020-03-24 | lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly check for equality when validating the session cookie, allowing an attacker to gain admini… |
| CVE-2020-10571 | Critical | 9.8 | 2020-03-14 | An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data. |
| CVE-2019-19646 | Critical | 9.8 | 2019-12-09 | pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. |
| CVE-2019-15900 | Critical | 9.8 | 2019-10-18 | An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking… |
| CVE-2019-0036 | Critical | 9.8 | 2019-04-10 | When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. "internal-1", "internal-2", etc.) are silently ignore… |
| CVE-2020-15202 | Critical | 9.0 | 2020-09-25 | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64… |
| CVE-2026-21693 | High | 8.8 | 2026-01-07 | iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color manage… |
| CVE-2024-43044 | High | 8.8 | 2024-08-07 | Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLo… |