CWE-755 · Improper Handling of Exceptional Conditions
573 CVEs classified under CWE-755 (Improper Handling of Exceptional Conditions). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-34193 | Critical | 9.8 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client compo… |
CVE-2025-10156 | Critical | 9.8 | 2025-09-17 | An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass… |
CVE-2021-42142 | Critical | 9.8 | 2024-01-23 | An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability… |
CVE-2021-42141 | Critical | 9.8 | 2024-01-22 | An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets Client_He… |
CVE-2023-38406 | Critical | 9.8 | 2023-11-06 | bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow." |
CVE-2022-23121 | Critical | 9.8 | 2023-03-28 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vuln… |
CVE-2021-4105 | Critical | 9.8 | 2023-02-24 | Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from 5.24.0.R.201806… |
CVE-2022-48329 | Critical | 9.8 | 2023-02-20 | MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php… |
CVE-2022-48328 | Critical | 9.8 | 2023-02-20 | app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_params and additional_delimiters. |
CVE-2022-31799 | Critical | 9.8 | 2022-06-02 | Bottle before 0.12.20 mishandles errors during early request binding. |
CVE-2021-40391 | Critical | 9.8 | 2021-11-19 | An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version… |
CVE-2021-43272 | Critical | 9.8 | 2021-11-14 | An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process i… |
CVE-2021-38384 | Critical | 9.8 | 2021-08-10 | Serverless Offline 8.0.0 returns a 403 HTTP status code for a route that has a trailing / character, which might cause a developer to implement incorrect acces… |
CVE-2021-36128 | Critical | 9.8 | 2021-07-02 | An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. Autoblocks for CentralAuth-issued suppression blocks are not properly implement… |
CVE-2020-13859 | Critical | 9.8 | 2021-02-01 | An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Confi… |
CVE-2020-24753 | Critical | 9.8 | 2020-09-17 | A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted… |
CVE-2020-7247 | Critical | 9.8 | 2020-01-29 | smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via… |
CVE-2009-5043 | Critical | 9.8 | 2019-10-31 | burn allows file names to escape via mishandled quotation marks |
CVE-2019-17195 | Critical | 9.8 | 2019-10-15 | Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential informa… |
CVE-2019-14431 | Critical | 9.8 | 2019-07-29 | In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and… |