Vulnerabilities > Improper Handling of Exceptional Conditions

DATE CVE VULNERABILITY TITLE RISK
2017-07-20 CVE-2017-11472 Improper Handling of Exceptional Conditions vulnerability in Linux Kernel
The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
local
low complexity
linux CWE-755
7.1
2017-07-10 CVE-2017-11140 Improper Handling of Exceptional Conditions vulnerability in Graphicsmagick 1.3.26
The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.
local
low complexity
graphicsmagick CWE-755
5.5
2017-06-26 CVE-2017-7496 Improper Handling of Exceptional Conditions vulnerability in Fedoraproject ARM Installer 1.99.16
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories.
local
high complexity
fedoraproject CWE-755
7.0
2017-06-26 CVE-2017-6678 Improper Handling of Exceptional Conditions vulnerability in Cisco Virtualized Packet Core
A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-755
7.5
2017-06-15 CVE-2017-0193 Improper Handling of Exceptional Conditions vulnerability in Microsoft products
Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to gain elevated privileges on a target guest operating system when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability".
local
low complexity
microsoft CWE-755
7.8
2017-06-06 CVE-2017-5664 Improper Handling of Exceptional Conditions vulnerability in Apache Tomcat
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page.
network
low complexity
apache CWE-755
7.5
2017-05-12 CVE-2017-0622 Improper Handling of Exceptional Conditions vulnerability in Linux Kernel 3.10
An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
linux CWE-755
7.0
2017-05-03 CVE-2017-6628 Improper Handling of Exceptional Conditions vulnerability in Cisco Wide Area Application Services 6.2.1/6.2.1A/6.2.3A
A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts.
network
high complexity
cisco CWE-755
6.8
2017-04-07 CVE-2017-3887 Improper Handling of Exceptional Conditions vulnerability in Cisco Firepower Threat Defense 6.0.1/6.1.0/6.2.0
A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process unexpectedly restarts.
network
high complexity
cisco CWE-755
5.9
2017-04-06 CVE-2017-3832 Improper Handling of Exceptional Conditions vulnerability in Cisco Wireless LAN Controller Firmware 8.3.102.0
A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-755
7.5