Common Weakness Enumeration

CWE-754

Allowed-with-Review

Improper Check for Unusual or Exceptional Conditions

Abstraction: Class · Status: Incomplete

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

908 vulnerabilities reference this CWE, most recent first.

GHSA-2663-JM96-PP8F

Vulnerability from github – Published: 2024-12-18 21:30 – Updated: 2024-12-18 21:30
VLAI
Details

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-51470"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-18T20:15:23Z",
    "severity": "MODERATE"
  },
  "details": "IBM MQ\u00a09.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance\u00a09.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25\u00a0could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.",
  "id": "GHSA-2663-jm96-pp8f",
  "modified": "2024-12-18T21:30:56Z",
  "published": "2024-12-18T21:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51470"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7177593"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7178085"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7179137"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-26FJ-M6R6-QG3J

Vulnerability from github – Published: 2022-05-24 19:08 – Updated: 2022-05-24 19:08
VLAI
Details

On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition. This BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart. This issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network. Junos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S3;

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-0282"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-15T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition. This BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart. This issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network. Junos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S3;",
  "id": "GHSA-26fj-m6r6-qg3j",
  "modified": "2022-05-24T19:08:07Z",
  "published": "2022-05-24T19:08:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0282"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA11186"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-273R-MGR4-V34F

Vulnerability from github – Published: 2022-01-13 16:14 – Updated: 2022-01-21 13:25
VLAI
Summary
Uncaught Exception in engine.io
Details

Impact

A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process.

RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be clear at Receiver.getInfo (/.../node_modules/ws/lib/receiver.js:176:14) at Receiver.startLoop (/.../node_modules/ws/lib/receiver.js:136:22) at Receiver._write (/.../node_modules/ws/lib/receiver.js:83:10) at writeOrBuffer (internal/streams/writable.js:358:12)

This impacts all the users of the engine.io package starting from version 4.0.0, including those who uses depending packages like socket.io.

Patches

A fix has been released for each major branch:

Version range Fixed version
engine.io@4.x.x 4.1.2
engine.io@5.x.x 5.2.1
engine.io@6.x.x 6.1.1

Previous versions (< 4.0.0) are not impacted.

For socket.io users:

Version range engine.io version Needs minor update?
socket.io@4.4.x ~6.1.0 -
socket.io@4.3.x ~6.0.0 Please upgrade to socket.io@4.4.x
socket.io@4.2.x ~5.2.0 -
socket.io@4.1.x ~5.1.1 Please upgrade to socket.io@4.4.x
socket.io@4.0.x ~5.0.0 Please upgrade to socket.io@4.4.x
socket.io@3.1.x ~4.1.0 -
socket.io@3.0.x ~4.0.0 Please upgrade to socket.io@3.1.x or socket.io@4.4.x (see here)

In most cases, running npm audit fix should be sufficient. You can also use npm update engine.io --depth=9999.

Workarounds

There is no known workaround except upgrading to a safe version.

For more information

If you have any questions or comments about this advisory:

Thanks to Marcus Wejderot from Mevisio for the responsible disclosure.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "engine.io"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "engine.io"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "engine.io"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-21676"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754",
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-01-12T19:26:23Z",
    "nvd_published_at": "2022-01-12T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nA specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process.\n\n\u003e RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be clear\n\u003e   at Receiver.getInfo (/.../node_modules/ws/lib/receiver.js:176:14)\n\u003e   at Receiver.startLoop (/.../node_modules/ws/lib/receiver.js:136:22)\n\u003e   at Receiver._write (/.../node_modules/ws/lib/receiver.js:83:10)\n\u003e   at writeOrBuffer (internal/streams/writable.js:358:12)\n\nThis impacts all the users of the [`engine.io`](https://www.npmjs.com/package/engine.io) package starting from version `4.0.0`, including those who uses depending packages like [`socket.io`](https://www.npmjs.com/package/socket.io).\n\n### Patches\n\nA fix has been released for each major branch:\n\n| Version range | Fixed version |\n| --- | --- |\n| `engine.io@4.x.x` | `4.1.2` |\n| `engine.io@5.x.x` | `5.2.1` |\n| `engine.io@6.x.x` | `6.1.1` |\n\nPrevious versions (`\u003c 4.0.0`) are not impacted.\n\nFor `socket.io` users:\n\n| Version range | `engine.io` version | Needs minor update? |\n| --- | --- | --- |\n| `socket.io@4.4.x` | `~6.1.0` | -\n| `socket.io@4.3.x` | `~6.0.0` | Please upgrade to `socket.io@4.4.x`\n| `socket.io@4.2.x` | `~5.2.0` | -\n| `socket.io@4.1.x` | `~5.1.1` | Please upgrade to `socket.io@4.4.x`\n| `socket.io@4.0.x` | `~5.0.0` | Please upgrade to `socket.io@4.4.x`\n| `socket.io@3.1.x` | `~4.1.0` | -\n| `socket.io@3.0.x` | `~4.0.0` | Please upgrade to `socket.io@3.1.x` or `socket.io@4.4.x` (see [here](https://socket.io/docs/v4/migrating-from-3-x-to-4-0/))\n\nIn most cases, running `npm audit fix` should be sufficient. You can also use  `npm update engine.io --depth=9999`.\n\n### Workarounds\n\nThere is no known workaround except upgrading to a safe version.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [`engine.io`](https://github.com/socketio/engine.io)\n\nThanks to Marcus Wejderot from Mevisio for the responsible disclosure.\n",
  "id": "GHSA-273r-mgr4-v34f",
  "modified": "2022-01-21T13:25:59Z",
  "published": "2022-01-13T16:14:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/socketio/engine.io/security/advisories/GHSA-273r-mgr4-v34f"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21676"
    },
    {
      "type": "WEB",
      "url": "https://github.com/socketio/engine.io/commit/66f889fc1d966bf5bfa0de1939069153643874ab"
    },
    {
      "type": "WEB",
      "url": "https://github.com/socketio/engine.io/commit/a70800d7e96da32f6e6622804ef659ebc58659db"
    },
    {
      "type": "WEB",
      "url": "https://github.com/socketio/engine.io/commit/c0e194d44933bd83bf9a4b126fca68ba7bf5098c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/socketio/engine.io"
    },
    {
      "type": "WEB",
      "url": "https://github.com/socketio/engine.io/releases/tag/4.1.2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/socketio/engine.io/releases/tag/5.2.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/socketio/engine.io/releases/tag/6.1.1"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220209-0002"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Uncaught Exception in engine.io"
}

GHSA-273R-RM8G-7F3X

Vulnerability from github – Published: 2021-12-13 21:33 – Updated: 2021-12-13 20:20
VLAI
Summary
Uncaught Exception in mercurius
Details

Impact

Any users from Mercurius@8.10.0 to 8.11.1 are subjected to a denial of service attack by sending a malformed JSON to /graphql unless they are using a custom error handler.

Patches

The vulnerability has been fixed in https://github.com/mercurius-js/mercurius/pull/678 and shipped as v8.11.2.

Workarounds

Use a custom error handler.

References

See https://github.com/mercurius-js/mercurius/issues/677

For more information

If you have any questions or comments about this advisory: * Open an issue in https://github.com/mercurius-js/mercurius * Email us at hello@matteocollina.com

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "mercurius"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.10.0"
            },
            {
              "fixed": "8.11.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-43801"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-12-13T20:20:28Z",
    "nvd_published_at": "2021-12-13T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nAny users from Mercurius@8.10.0 to 8.11.1 are subjected to a denial of service attack by sending a malformed JSON to `/graphql` unless they are using a custom error handler.\n\n### Patches\n\nThe vulnerability has been fixed in https://github.com/mercurius-js/mercurius/pull/678 and shipped as v8.11.2.\n\n### Workarounds\n\nUse a custom error handler.\n\n### References\n\nSee https://github.com/mercurius-js/mercurius/issues/677\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in https://github.com/mercurius-js/mercurius\n* Email us at [hello@matteocollina.com](mailto:hello@matteocollina.com)\n",
  "id": "GHSA-273r-rm8g-7f3x",
  "modified": "2021-12-13T20:20:28Z",
  "published": "2021-12-13T21:33:04Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/mercurius-js/mercurius/security/advisories/GHSA-273r-rm8g-7f3x"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43801"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mercurius-js/mercurius/issues/677"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mercurius-js/mercurius/pull/678/commits/732b2f895312da8deadd7b173dcd2d141d54b223"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mercurius-js/mercurius"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Uncaught Exception in mercurius"
}

GHSA-292Q-V67V-F66G

Vulnerability from github – Published: 2026-01-27 12:31 – Updated: 2026-01-27 12:31
VLAI
Details

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service (DoS) by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes administrator panel to not work, resulting in DoS until the language settings is reverted to a correct value. The Denial of Service affects only the administrator panel and does not affect other router functionalities.

The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version V108_108 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-12387"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-27T12:15:57Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the Pix-Link LV-WR21Q router\u0027s language module allows remote attackers to trigger a denial of service (DoS) by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes administrator panel to not work, resulting in DoS until the language settings is reverted to a correct value. The Denial of Service affects only the administrator panel and does not affect other router functionalities.\n\nThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version V108_108 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.",
  "id": "GHSA-292q-v67v-f66g",
  "modified": "2026-01-27T12:31:18Z",
  "published": "2026-01-27T12:31:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12387"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2026/01/CVE-2025-12386"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wcyb/security_research"
    },
    {
      "type": "WEB",
      "url": "https://www.pix-link.com/lv-wr21q"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-2CJ7-MG3X-9MHQ

Vulnerability from github – Published: 2023-11-06 18:30 – Updated: 2026-05-12 12:31
VLAI
Details

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow.

Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.

While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters.

Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q.

An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack.

DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().

Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application.

The OpenSSL SSL/TLS implementation is not affected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-5678"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-606",
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-06T16:15:42Z",
    "severity": "HIGH"
  },
  "details": "Issue summary: Generating excessively long X9.42 DH keys or checking\nexcessively long X9.42 DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_generate_key() to\ngenerate an X9.42 DH key may experience long delays.  Likewise, applications\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\nWhere the key or parameters that are being checked have been obtained from\nan untrusted source this may lead to a Denial of Service.\n\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\nDH_check_pub_key() doesn\u0027t make any of these checks, and is therefore\nvulnerable for excessively large P and Q parameters.\n\nLikewise, while DH_generate_key() performs a check for an excessively large\nP, it doesn\u0027t check for an excessively large Q.\n\nAn application that calls DH_generate_key() or DH_check_pub_key() and\nsupplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nDH_generate_key() and DH_check_pub_key() are also called by a number of\nother OpenSSL functions.  An application calling any of those other\nfunctions may similarly be affected.  The other functions affected by this\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\n\nAlso vulnerable are the OpenSSL pkey command line application when using the\n\"-pubcheck\" option, as well as the OpenSSL genpkey command line application.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
  "id": "GHSA-2cj7-mg3x-9mhq",
  "modified": "2026-05-12T12:31:34Z",
  "published": "2023-11-06T18:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5678"
    },
    {
      "type": "WEB",
      "url": "https://www.openssl.org/news/secadv/20231106.txt"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20231130-0010"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-556635.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-341067.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-331112.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-277137.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-128433.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-093430.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/11/06/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/03/11/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2FHX-5JJ5-PJHV

Vulnerability from github – Published: 2026-02-10 18:30 – Updated: 2026-02-10 18:30
VLAI
Details

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data corruption. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-33030"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-10T17:16:17Z",
    "severity": "LOW"
  },
  "details": "Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data corruption. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.",
  "id": "GHSA-2fhx-5jj5-pjhv",
  "modified": "2026-02-10T18:30:40Z",
  "published": "2026-02-10T18:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33030"
    },
    {
      "type": "WEB",
      "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01403.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-2GHJ-FM9G-W3JM

Vulnerability from github – Published: 2026-03-11 18:30 – Updated: 2026-03-11 18:30
VLAI
Details

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-0230"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-11T18:16:21Z",
    "severity": "MODERATE"
  },
  "details": "A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection.",
  "id": "GHSA-2ghj-fm9g-w3jm",
  "modified": "2026-03-11T18:30:33Z",
  "published": "2026-03-11T18:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0230"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0230"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-2GMM-FH28-FR6W

Vulnerability from github – Published: 2024-11-09 00:30 – Updated: 2024-11-12 18:30
VLAI
Details

vmir e8117 was discovered to contain a segmentation violation via the import_function function at /src/vmir_wasm_parser.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35424"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-08T22:15:16Z",
    "severity": "MODERATE"
  },
  "details": "vmir e8117 was discovered to contain a segmentation violation via the import_function function at /src/vmir_wasm_parser.c.",
  "id": "GHSA-2gmm-fh28-fr6w",
  "modified": "2024-11-12T18:30:51Z",
  "published": "2024-11-09T00:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35424"
    },
    {
      "type": "WEB",
      "url": "https://github.com/andoma/vmir/issues/21"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/haruki3hhh/58fa3df36ca7d0c972c7481cf80ffd80"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2H6C-J3GF-XP9R

Vulnerability from github – Published: 2023-02-10 19:52 – Updated: 2023-02-10 19:52
VLAI
Summary
IPFS go-bitfield vulnerable to DoS via malformed size arguments
Details

Impact

When feeding untrusted user input into the size parameter of NewBitfield and FromBytes functions, an attacker can trigger panics.

This happen when the size is a not a multiple of 8 or is negative. There were already a note in the NewBitfield documentation:

``` Panics if size is not a multiple of 8. ````

But it incomplete and missing from FromBytes's documentation.

This has been replaced by returning an (Bitfield, error) and returning a non nil error if the size is wrong.

Patches

  • https://github.com/ipfs/go-bitfield/commit/5e1d256fe043fc4163343ccca83862c69c52e579

Workarounds

  • Ensure size%8 == 0 && size >= 0 yourself before calling NewBitfield or FromBytes

References

  • https://github.com/ipfs/go-unixfs/security/advisories/GHSA-q264-w97q-q778
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/ipfs/go-bitfield"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-23626"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284",
      "CWE-754"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-10T19:52:45Z",
    "nvd_published_at": "2023-02-09T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nWhen feeding untrusted user input into the size parameter of `NewBitfield` and `FromBytes` functions, an attacker can trigger `panic`s.\n\nThis happen when the `size` is a not a multiple of `8` or is negative.\nThere were already a note in the `NewBitfield` documentation:\n\u003e ```\n\u003e Panics if size is not a multiple of 8.\n\u003e ````\n\nBut it incomplete and missing from `FromBytes`\u0027s documentation.\n\nThis has been replaced by returning an `(Bitfield, error)` and returning a non nil error if the size is wrong.\n\n### Patches\n- https://github.com/ipfs/go-bitfield/commit/5e1d256fe043fc4163343ccca83862c69c52e579\n\n### Workarounds\n- Ensure `size%8 == 0 \u0026\u0026 size \u003e= 0` yourself before calling `NewBitfield` or `FromBytes`\n\n### References\n- https://github.com/ipfs/go-unixfs/security/advisories/GHSA-q264-w97q-q778\n",
  "id": "GHSA-2h6c-j3gf-xp9r",
  "modified": "2023-02-10T19:52:45Z",
  "published": "2023-02-10T19:52:45Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ipfs/go-bitfield/security/advisories/GHSA-2h6c-j3gf-xp9r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23626"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ipfs/go-bitfield/commit/5e1d256fe043fc4163343ccca83862c69c52e579"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ipfs/go-bitfield"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2023-1558"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "IPFS go-bitfield vulnerable to DoS via malformed size arguments"
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • Choose languages with features such as exception handling that force the programmer to anticipate unusual conditions that may generate exceptions. Custom exceptions may need to be developed to handle unusual business-logic conditions. Be careful not to pass sensitive exceptions back to the user (CWE-209, CWE-248).
Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is expected.

Mitigation
Implementation

If using exception handling, catch and throw specific exceptions instead of overly-general exceptions (CWE-396, CWE-397). Catch and handle exceptions as locally as possible so that exceptions do not propagate too far up the call stack (CWE-705). Avoid unchecked or uncaught exceptions where feasible (CWE-248).

Mitigation MIT-39
Implementation
  • Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
  • If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
  • Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
  • Exposing additional information to a potential attacker in the context of an exceptional condition can help the attacker determine what attack vectors are most likely to succeed beyond DoS.
Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-38
Architecture and Design Implementation

If the program must fail, ensure that it fails gracefully (fails closed). There may be a temptation to simply let the program fail poorly in cases such as low memory conditions, but an attacker may be able to assert control before the software has fully exited. Alternately, an uncontrolled failure could cause cascading problems with other downstream components; for example, the program could send a signal to a downstream process so the process immediately knows that a problem has occurred and has a better chance of recovery.

Mitigation
Architecture and Design

Use system limits, which should help to prevent resource exhaustion. However, the product should still handle low resource conditions since they may still occur.

No CAPEC attack patterns related to this CWE.