Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

CVEs (584)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-15815 1Faststone 1Image Viewer Nov 21, 2024 Mar 26, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted issue starting at image00400000+0x00000000003ef68a via a crafted image file.
CVE-2018-12189 1Intel 2Converged Security Management Engine Firmware Trusted Execution Engine Firmware Nov 21, 2024 Mar 14, 2019 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local...Show more Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.Show less
CVE-2019-9633 1Gnome 1Glib Nov 21, 2024 Mar 8, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial of service (g_socket...Show more gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial of service (g_socket_client_connected_callback mishandling and application crash) via a crafted web site, as demonstrated by GNOME Web (aka Epiphany).Show less
CVE-2019-5763 4Debian FedoraprojectGoogle+1 more 6Chrome Debian LinuxEnterprise Linux Desktop+3 more Nov 21, 2024 Feb 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-7833 1Schneider Electric 4Modicom Bmxnor0200h Firmware Modicom M340 FirmwareModicom Premium Firmware+1 more Nov 21, 2024 Dec 17, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An Improper Check for Unusual or Exceptional Conditions vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where an unauthenticated user can send a specially crafte...Show more An Improper Check for Unusual or Exceptional Conditions vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where an unauthenticated user can send a specially crafted XML data via a POST request to cause the web server to become unavailableShow less
CVE-2018-18690 3Canonical DebianLinux 3Debian Linux Linux KernelUbuntu Linux Nov 21, 2024 Oct 26, 2018 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attri...Show more In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.Show less
CVE-2018-7789 1Schneider Electric 1Modicon M221 Firmware May 29, 2026 Aug 29, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized u...Show more An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames.Show less
CVE-2018-13013 1Safensoft 3Enterprise Suite SyswatchTpsecure Nov 21, 2024 Jun 29, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Improper check of unusual conditions when launching msiexec.exe in safensec.com (SysWatch service) in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite...Show more Improper check of unusual conditions when launching msiexec.exe in safensec.com (SysWatch service) in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.9 allows the local attacker to bypass a code-signing protection mechanism and install/execute an unauthorized program by modifying the system configuration and installing a forged MSI file. (The intended behavior is that the component SysWatch does not allow installation of MSI files unless they are signed by a limited list of certificates.)Show less
CVE-2018-7287 1Digium 1Asterisk Nov 21, 2024 Feb 22, 2018 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in res_http_websocket.c in Asterisk 15.x through 15.2.1. If the HTTP server is enabled (default is disabled), WebSocket payloads of size 0 are mishandled (with a busy loop).
CVE-2017-12119 1Ethereum 1Cpp Ethereum Nov 21, 2024 Jan 19, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum JSON-RPC. Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An attacker can send mal...Show more An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum JSON-RPC. Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability.Show less
CVE-2018-0005 1Juniper 1Junos Nov 21, 2024 Jan 10, 2018 N/A· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected re...Show more QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15.1X53 versions prior to 15.1X53-D55; 15.1 versions prior to 15.1R7.Show less
CVE-2017-17815 2Canonical Nasm 2Netwide Assembler Ubuntu Linux May 13, 2026 Dec 21, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum a...Show more In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts.Show less
CVE-2017-1000407 4Canonical DebianLinux+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Server+7 more May 13, 2026 Dec 11, 2017 N/A· v4 7.4 HIGH· v3 6.1 MEDIUM· v2 The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
CVE-2017-10895 1Sdnsproxy Project 1Sdnsproxy May 13, 2026 Dec 1, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2017-10894 1Streamrelay 1Streamrelay May 13, 2026 Dec 1, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2017-17085 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Dec 1, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
CVE-2017-17084 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Dec 1, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
CVE-2017-17083 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Dec 1, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.
CVE-2017-17044 1Xen 1Xen May 13, 2026 Nov 28, 2017 N/A· v4 6.5 MEDIUM· v3 4.9 MEDIUM· v2 An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors.
CVE-2017-13142 1Imagemagick 1Imagemagick May 13, 2026 Aug 23, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.

Previous 1...26 27 282930 Next