Common Weakness Enumeration

CWE-755

Discouraged

Improper Handling of Exceptional Conditions

Abstraction: Class · Status: Incomplete

The product does not handle or incorrectly handles an exceptional condition.

686 vulnerabilities reference this CWE, most recent first.

GHSA-V9X5-9RJ9-J343

Vulnerability from github – Published: 2024-02-29 21:30 – Updated: 2024-08-01 15:31
VLAI
Details

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27662"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-395",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-29T20:15:41Z",
    "severity": "MODERATE"
  },
  "details": "D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.",
  "id": "GHSA-v9x5-9rj9-j343",
  "modified": "2024-08-01T15:31:29Z",
  "published": "2024-02-29T21:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27662"
    },
    {
      "type": "WEB",
      "url": "https://calm-healer-839.notion.site/D-LINK-DIR-823G-NPD-0x4116F0-5befc4a65457482c8c4dcb16910ab820?pvs=4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VCJX-VHG2-3WR3

Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33
VLAI
Details

Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network license server binds to all interfaces (0.0.0.0) and listensfor packets over UDP port 5093. No authentication/authorization is required in order to communicate with theserver. The protocol being used is a property protocol by RMS Sentinel which provides the licensing infrastructurefor the network license server. RMS Sentinel license manager service exposes UDP port 5093 which provides sensitivesystem information that could be leveraged for further exploitation without any kind of authentication. Thisinformation includes detailed hardware and OS characteristics.After a decryption process, a textual protocol is found which contains a simple header with the requested command,application-identifier, and some arguments. The protocol is vulnerable to DoS through an arbitrary pointerderreference. This flaw allows an attacker to to pass a specially crafted package that, when processed by theservice, causes an arbitrary pointer from the stack to be dereferenced, causing an uncaught exception thatterminates the service. This can be further contructed in combination with RVDP#710 which exploits an informationdisclosure leak, or with RVDP#711 for an stack-overflow and potential code execution.Beyond denying simulations, Visual Components provides capabilities to interface with industrial machinery andautomate certain processes (e.g. testing, benchmarking, etc.) which depending on the DevOps setup might beintegrated into the industrial flow. Accordingly, a DoS in the simulation might have higher repercusions, dependingon the Industrial Control System (ICS) ICS infrastructure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-10292"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-06T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network license server binds to all interfaces (0.0.0.0) and listensfor packets over UDP port 5093. No authentication/authorization is required in order to communicate with theserver. The protocol being used is a property protocol by RMS Sentinel which provides the licensing infrastructurefor the network license server. RMS Sentinel license manager service exposes UDP port 5093 which provides sensitivesystem information that could be leveraged for further exploitation without any kind of authentication. Thisinformation includes detailed hardware and OS characteristics.After a decryption process, a textual protocol is found which contains a simple header with the requested command,application-identifier, and some arguments. The protocol is vulnerable to DoS through an arbitrary pointerderreference. This flaw allows an attacker to to pass a specially crafted package that, when processed by theservice, causes an arbitrary pointer from the stack to be dereferenced, causing an uncaught exception thatterminates the service. This can be further contructed in combination with RVDP#710 which exploits an informationdisclosure leak, or with RVDP#711 for an stack-overflow and potential code execution.Beyond denying simulations, Visual Components provides capabilities to interface with industrial machinery andautomate certain processes (e.g. testing, benchmarking, etc.) which depending on the DevOps setup might beintegrated into the industrial flow. Accordingly, a DoS in the simulation might have higher repercusions, dependingon the Industrial Control System (ICS) ICS infrastructure.",
  "id": "GHSA-vcjx-vhg2-3wr3",
  "modified": "2022-05-24T17:33:17Z",
  "published": "2022-05-24T17:33:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10292"
    },
    {
      "type": "WEB",
      "url": "https://www.visualcomponents.com/products/visual-components"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VFR8-H6PW-GFPC

Vulnerability from github – Published: 2022-05-12 00:01 – Updated: 2022-05-20 00:00
VLAI
Details

Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-37851"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-11T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.",
  "id": "GHSA-vfr8-h6pw-gfpc",
  "modified": "2022-05-20T00:00:37Z",
  "published": "2022-05-12T00:01:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37851"
    },
    {
      "type": "WEB",
      "url": "https://support.eset.com/en/ca8268"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VJFX-X9XG-H5H6

Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2023-06-26 21:30
VLAI
Details

Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-25380"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-703",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-09T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user.",
  "id": "GHSA-vjfx-x9xg-h5h6",
  "modified": "2023-06-26T21:30:51Z",
  "published": "2022-05-24T17:47:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25380"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VM2C-WQQR-V3GC

Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2022-05-24 19:02
VLAI
Details

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-33477"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-20T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.",
  "id": "GHSA-vm2c-wqqr-v3gc",
  "modified": "2022-05-24T19:02:49Z",
  "published": "2022-05-24T19:02:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33477"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2021/05/17/1"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2017/05/01/20"
    },
    {
      "type": "WEB",
      "url": "https://sourceforge.net/projects/rxvt/files/rxvt-dev"
    },
    {
      "type": "WEB",
      "url": "https://sourceforge.net/projects/materm/files/mrxvt%20source"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202209-07"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202105-17"
    },
    {
      "type": "WEB",
      "url": "https://packetstormsecurity.com/files/162621/rxvt-2.7.0-rxvt-unicode-9.22-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXAKO6N6NKTR6Z6KVAPEXSZQMRU52SGA"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLPVEPBH37EBR4R54RMC6GD33J37HJXD"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZWGE2RJONBEHSPCBUAW72NTRTIFKZAX"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DUV4LDVZVW7KCGPAMFZD4ZJ4FVLPOX4C"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO52OLNOOKOCZSJCN3R7Q25XA32BWNWP"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RFMU5YXXNYYVA7G2DAHRXXHO6JKVFUT"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00010.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00026.html"
    },
    {
      "type": "WEB",
      "url": "https://git.enlightenment.org/apps/eterm.git/log"
    },
    {
      "type": "WEB",
      "url": "http://cvs.schmorp.de/rxvt-unicode/Changes?view=log"
    },
    {
      "type": "WEB",
      "url": "http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582\u0026r2=1.583"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VQP7-JHJ6-766W

Vulnerability from github – Published: 2022-06-22 00:00 – Updated: 2022-06-30 00:00
VLAI
Details

A maliciously crafted PDF file may be used to dereference a pointer for read or write operation while parsing PDF files in Autodesk Navisworks 2022. The vulnerability exists because the application fails to handle a crafted PDF file, which causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-27872"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-21T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "A maliciously crafted PDF file may be used to dereference a pointer for read or write operation while parsing PDF files in Autodesk Navisworks 2022. The vulnerability exists because the application fails to handle a crafted PDF file, which causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code.",
  "id": "GHSA-vqp7-jhj6-766w",
  "modified": "2022-06-30T00:00:35Z",
  "published": "2022-06-22T00:00:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27872"
    },
    {
      "type": "WEB",
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VR4V-H7XQ-HWC6

Vulnerability from github – Published: 2022-05-24 17:00 – Updated: 2022-12-01 00:30
VLAI
Details

A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-10222"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-08T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.",
  "id": "GHSA-vr4v-h7xq-hwc6",
  "modified": "2022-12-01T00:30:43Z",
  "published": "2022-05-24T17:00:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10222"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2577"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2579"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2019-10222"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739292"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10222"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
    },
    {
      "type": "WEB",
      "url": "https://tracker.ceph.com/issues/40018"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VRGP-3VGJ-937C

Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2022-10-07 18:15
VLAI
Details

selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-20218"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-01-02T14:16:00Z",
    "severity": "HIGH"
  },
  "details": "selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.",
  "id": "GHSA-vrgp-3vgj-937c",
  "modified": "2022-10-07T18:15:42Z",
  "published": "2022-05-24T17:05:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20218"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sqlite/sqlite/commit/a6c1a71cde082e09750465d5675699062922e387"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00016.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202007-26"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4298-1"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VWWF-CXX3-3HPV

Vulnerability from github – Published: 2024-01-24 21:30 – Updated: 2025-06-20 21:31
VLAI
Details

An assertion failure discovered in in check_certificate_request() in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers to cause a denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42145"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-24T19:15:08Z",
    "severity": "HIGH"
  },
  "details": "An assertion failure discovered in in check_certificate_request() in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers to cause a denial of service.",
  "id": "GHSA-vwwf-cxx3-3hpv",
  "modified": "2025-06-20T21:31:54Z",
  "published": "2024-01-24T21:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42145"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/fulldisclosure/2024/Jan/18"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jan/18"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VWWX-M7WP-54F6

Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10
VLAI
Details

Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-0003"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-11T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access.",
  "id": "GHSA-vwwx-m7wp-54f6",
  "modified": "2022-05-24T19:10:45Z",
  "published": "2022-05-24T19:10:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0003"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210827-0008"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.