CWE-755 · Improper Handling of Exceptional Conditions

573 CVEs classified under CWE-755 (Improper Handling of Exceptional Conditions). Browse by severity and year.

Top CVEs for CWE-755
CVESeverityScorePublishedSummary
CVE-2025-34193Critical9.82025-09-19Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client compo…
CVE-2025-10156Critical9.82025-09-17An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass…
CVE-2021-42142Critical9.82024-01-23An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability…
CVE-2021-42141Critical9.82024-01-22An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets Client_He…
CVE-2023-38406Critical9.82023-11-06bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
CVE-2022-23121Critical9.82023-03-28This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vuln…
CVE-2021-4105Critical9.82023-02-24Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from 5.24.0.R.201806…
CVE-2022-48329Critical9.82023-02-20MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php…
CVE-2022-48328Critical9.82023-02-20app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_params and additional_delimiters.
CVE-2022-31799Critical9.82022-06-02Bottle before 0.12.20 mishandles errors during early request binding.
CVE-2021-40391Critical9.82021-11-19An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version…
CVE-2021-43272Critical9.82021-11-14An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process i…
CVE-2021-38384Critical9.82021-08-10Serverless Offline 8.0.0 returns a 403 HTTP status code for a route that has a trailing / character, which might cause a developer to implement incorrect acces…
CVE-2021-36128Critical9.82021-07-02An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. Autoblocks for CentralAuth-issued suppression blocks are not properly implement…
CVE-2020-13859Critical9.82021-02-01An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Confi…
CVE-2020-24753Critical9.82020-09-17A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted…
CVE-2020-7247Critical9.82020-01-29smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via…
CVE-2009-5043Critical9.82019-10-31burn allows file names to escape via mishandled quotation marks
CVE-2019-17195Critical9.82019-10-15Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential informa…
CVE-2019-14431Critical9.82019-07-29In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and…