VYPR

CWE-755

Improper Handling of Exceptional Conditions

Class | Incomplete | Likelihood: Medium

Description

The product does not handle or incorrectly handles an exceptional condition.

Hierarchy (View 1000)

CVEs mapped to this weakness (140)

page 3 of 7
  • CVE-2026-40074 | High | Apr 10, 2026
    risk 0.42 | cvss 7.5 | epss 0.00

    SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, redirect, when called from inside the handle server hook with a location parameter containing characters that are invalid in an HTTP header, will cause an unhandled…

  • CVE-2025-59530 | High | Oct 10, 2025
    risk 0.42 | cvss 7.5 | epss 0.00

    quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service (DoS) attack on the quic-go client by triggering an assertion failure, leading to a process crash. This…

  • CVE-2025-58047 | High | Aug 28, 2025
    risk 0.42 | cvss 7.5 | epss 0.01

    Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with…

  • CVE-2024-51766 | Medium | Nov 22, 2024
    risk 0.42 | cvss 6.5 | epss 0.00

    A potential security vulnerability has been identified in the HPE NonStop DISK UTIL (T9208) product. This vulnerability could be exploited to cause a denial of service (DoS) to NonStop server. It exists in all prior DISK UTIL product versions of L-series and J-series.

  • CVE-2018-16781 | Medium | Sep 10, 2018
    risk 0.42 | cvss 6.5 | epss 0.01

    ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table.

  • CVE-2018-1269 | Medium | Jun 6, 2018
    risk 0.42 | cvss 6.5 | epss 0.01

    Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not handle errors thrown while constructing certain http requests. A remote authenticated user may construct malicious…

  • CVE-2017-9658 | Medium | Apr 30, 2018
    risk 0.42 | cvss 6.5 | epss 0.01

    Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff to reset the device and reestablish a network connection to the Wi-Fi access…

  • CVE-2017-9657 | Medium | Apr 30, 2018
    risk 0.42 | cvss 6.5 | epss 0.01

    Under specific 802.11 network conditions, a partial re-association of the Philips IntelliVue MX40 Version B.06.18 WLAN monitor to the central monitoring station is possible. In this state, the central monitoring station can indicate the MX40 is not connected or associated to the…

  • CVE-2017-17044 | Medium | Nov 28, 2017
    risk 0.42 | cvss 6.5 | epss 0.00

    An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors.

  • CVE-2023-43686 | Medium | Jun 9, 2026
    risk 0.40 | cvss 6.2 | epss 0.00

    An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). A large number of Firefox preference files can cause the parser to ignore other browser configuration files, leading to a denial of service.

  • CVE-2026-48961 | High | May 27, 2026
    risk 0.40 | cvss 7.3 | epss 0.00

    IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decode_ux() in bin/zipdetails handles an Info-ZIP Unix Extra Field (tag 0x7875) with UID Size or…

  • CVE-2026-48036 | High | Jun 10, 2026
    risk 0.38 | cvss (not listed) | epss 0.00

    Affected: `@hulumi/drift` `< 1.4.0`. Fixed in: `1.4.0`. Severity: Medium. CWE-755 (Improper Handling of Exceptional Conditions). Summary: `@hulumi/drift` runs four adapters that each ask a different question about whether a resource has drifted…

  • CVE-2024-47609 | Medium | Oct 1, 2024
    risk 0.38 | cvss (not listed) | epss 0.01

    Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. This can be triggered by causing the accept call to error out…

  • CVE-2018-0272 | Medium | Apr 19, 2018
    risk 0.38 | cvss 5.9 | epss 0.01

    A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper error handling while processing SSL traffic. An attacker…

  • CVE-2017-3887 | Medium | Apr 7, 2017
    risk 0.38 | cvss 5.9 | epss 0.01

    A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts. This…

  • CVE-2024-37284 | Medium | Jan 21, 2025
    risk 0.36 | cvss 5.5 | epss 0.00

    Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file…

  • CVE-2024-50001 | Medium | Oct 21, 2024
    risk 0.36 | cvss 5.5 | epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit. Remove the erroneous unmap in case no DMA mapping was established. The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This…

  • CVE-2017-7518 | Medium | Jul 30, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag (TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception (#DB) being raised in the guest stack. A user/process inside a guest could…

  • CVE-2017-11140 | Medium | Jul 10, 2017
    risk 0.36 | cvss 5.5 | epss 0.02

    The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.

  • CVE-2021-22922 | Medium | Aug 5, 2021
    risk 0.35 | cvss 6.5 | epss 0.04

    When curl is instructed to download content using the metalink feature, the contents is verified against a hash provided in the metalink XML file. The metalink XML file points out to the client how to get the same content from a set of different URLs, potentially hosted by…