68 matches found
PT-2025-25989
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, related to the dsa tree change tag proto function. This function may cause unexpected behavior when dsa tree notify fails,...
PT-2025-25879 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns an error handling path in the cm3605 probe function. A commit introduced a new error handling path that should redirect to the existing error handling path to preven...
PT-2025-23454 · Mediatek · Mediatek Chip Ims Service
Name of the Vulnerable Software and Affected Versions: MediaTek chip IMS service affected versions not specified Description: The issue is related to incorrect error handling in the ims service, which could lead to a system crash and result in a remote denial of service. This can occur if a UE...
CVE-2025-5263
Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...
CVE-2025-5263 Error handling for script execution was incorrectly isolated from web content
Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...
CVE-2025-5263
Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...
CVE-2021-20068
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages...
cpython -- Use-after-free in "unicode_escape" decoder with error handler
[email protected] reports: There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap t...
PT-2025-19331 · Modem · Modem
Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure if a UE has connected to a rogue base station controlled...
CVE-2023-53058
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, Fix an Oops in error handling code The error handling dereferences "vport". There is nothing we can do if it is an error pointer except returning the error code...
CVE-2023-53058
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, Fix an Oops in error handling code The error handling dereferences "vport". There is nothing we can do if it is an error pointer except returning the error code...
PT-2025-16732
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference issue has been resolved in the Linux kernel. The issue occurred due to incorrect error handling flow when pci setup device fails, leading to a kernel oops duri...
CVE-2025-23185
Vulnerability summary: SAP Business Objects Business Intelligence Platform exposes internal technical details due to improper error handling. What is affected: SAP Business Objects BI Platform (information disclosure vulnerability). Root cause: Exceptions and stack traces reveal application inter...
Linux Distros Unpatched Vulnerability : CVE-2024-56769
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: dvb-frontends: dib3000mb: fix uninit-value in dib3000writereg Syzbot reports 1 an uninitialized value issue found by KMSAN in dib3000readreg. Local u8 rb...
Linux Distros Unpatched Vulnerability : CVE-2021-47337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293...
Linux Distros Unpatched Vulnerability : CVE-2022-49524
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885initdev When the driver fails to call...
Linux Distros Unpatched Vulnerability : CVE-2022-49527
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: hfi: avoid null dereference in deinit If venusprobe fails at pmruntimeputsync the error handling first calls hfidestroy and afterwards...
CVE-2025-0513
CVE-2025-0513 affects Octopus Server; root cause is unsafe handling of error page messages. If an attacker can influence any part of an error message, they may embed code, potentially affecting the user viewing the error. Documents provide CVSS v3.1 (Base 5.4, Network, Low privileges, User intera...
CVE-2025-20172
A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker...
BIT-SUPERSET-2024-27315 Apache Superset: Improper error handling on alerts
An authenticated user with privileges to create Alerts on Alerts & Reports has the capability to generate a specially crafted SQL statement that triggers an error on the database. This error is not properly handled by Apache Superset and may inadvertently surface in the error log of the Alert...