CWE-754

Improper Check for Unusual or Exceptional Conditions

Class | Incomplete | Likelihood: Medium

Description

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day-to-day operation of the product.

Hierarchy (View 1000)

CVEs mapped to this weakness (226)

  • CVE-2017-17084 | High | Dec 1, 2017
    risk 0.49 | cvss 7.5 | epss 0.03

    In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.

  • CVE-2017-17083 | High | Dec 1, 2017
    risk 0.49 | cvss 7.5 | epss 0.03

    In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.

  • CVE-2017-11144 | High | Jul 10, 2017
    risk 0.49 | cvss 7.5 | epss 0.06

    In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number…

  • CVE-2016-8209 | High | May 8, 2017
    risk 0.49 | cvss 7.5 | epss 0.01

    Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management…

  • CVE-2026-5343 | High | May 28, 2026
    risk 0.48 | cvss 7.4 | epss 0.00

    Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal SAML SSO - Service Provider allows Privilege Escalation. This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.4.

  • CVE-2025-20625 | High | Aug 12, 2025
    risk 0.48 | cvss 7.4 | epss 0.00

    Improper conditions check for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.110.0.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2018-0005 | High | Jan 10, 2018
    risk 0.48 | cvss 7.4 | epss 0.01

    QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions…

  • CVE-2017-1000407 | High | Dec 11, 2017
    risk 0.48 | cvss 7.4 | epss 0.01

    The Linux Kernel 2.6.32 and later are affected by a denial of service: by flooding the diagnostic port 0x80, an exception can be triggered, leading to a kernel panic.

  • CVE-2024-10945 | High | Nov 12, 2024
    risk 0.47 | cvss 7.3 | epss 0.00

    A Local Privilege Escalation vulnerability exists in the affected product. The vulnerability requires a local, low privileged threat actor to replace certain files during update and exists due to a failure to perform proper security checks before installation.

  • CVE-2024-34694 | High | Jun 14, 2024
    risk 0.46 | cvss 8.1 | epss 0.01

    LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for…

  • CVE-2024-4611 | High | May 29, 2024
    risk 0.46 | cvss 8.1 | epss 0.01

    The AppPresser plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'decrypt_value' and on the 'doCookieAuth' functions in all versions up to, and including, 4.3.2. This makes it possible for unauthenticated attackers to log in as any…

  • CVE-2024-34360 | High | May 14, 2024
    risk 0.46 | cvss 8.2 | epss 0.01

    go-spacemesh is a Go implementation of the Spacemesh protocol full node. Nodes can publish activations transactions (ATXs) which reference the incorrect previous ATX of the Smesher that created the ATX. ATXs are expected to form a single chain from the newest to the first ATX…

  • CVE-2017-0610 | High | May 12, 2017
    risk 0.46 | cvss 7.0 | epss 0.01

    An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2026-20754 | Medium | May 12, 2026
    risk 0.45 | cvss | epss 0.00

    Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may…

  • CVE-2025-12387 | Medium | Jan 27, 2026
    risk 0.45 | cvss | epss 0.01

    A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service (DoS) by sending a specially crafted HTTP POST request containing a non-existent language parameter. This renders the server unable to serve correct lang.js…

  • CVE-2025-64342 | Medium | Nov 17, 2025
    risk 0.45 | cvss | epss 0.00

    ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address (AA) of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the…

  • CVE-2026-21009 | Medium | Apr 13, 2026
    risk 0.44 | cvss 6.8 | epss 0.00

    Improper check for exceptional conditions in Recents prior to SMR Apr-2026 Release 1 allows a physical attacker to bypass App Pinning.

  • CVE-2026-21007 | Medium | Apr 13, 2026
    risk 0.44 | cvss 6.8 | epss 0.00

    Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Knox Guard.

  • CVE-2025-20070 | Medium | Feb 10, 2026
    risk 0.44 | cvss 6.7 | epss 0.00

    Improper conditions check for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined…

  • CVE-2025-0116 | Medium | Mar 12, 2025
    risk 0.44 | cvss | epss 0.00

    A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition cause the firewall…