11 matches found
CVE-2024-54011 Missing Error/Exception Handling
Penetration Testing engineers at Amazon have discovered a flaw where the camera system fails to properly handle data supplied in certain requests, causing a service disruption. The manufacturer has released patch firmware for the flaw; please refer to the manufacturer's report for details and...
PT-2026-28312
Name of the Vulnerable Software and Affected Versions: Coverity Connect (affected versions not specified). Description: The authentication logic in the command line tooling for Coverity Connect is missing an error handler, leading to a potential authentication bypass. An attacker with access to the...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to perform error handling when a platform device addition fails, which could lead to a memory le...
Linux Distros Unpatched Vulnerability : CVE-2023-53379
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe Smatch reports: drivers/usb/phy/phy-tahvo.c: tahvo_usb_probe warn: missing unwind goto? After getting irq, if...
CVE-2023-43885
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device...
PT-2023-13726 · Kiali · Kiali
Name of the Vulnerable Software and Affected Versions: Kiali (affected versions not specified). Description: A content spoofing issue was found in Kiali, where it does not implement error handling when the page or endpoint being accessed cannot be found. This allows an attacker to perform arbitrary...
GHSA-P25M-JPJ4-QCRR Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Jav...
SUSE CVE-2019-5051
An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability...
libnbd: nbdcopy: missing error handling may create corrupted destination image
A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...
RHEL 8 : virt:av and virt-devel:av (RHSA-2022:0971)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0971 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Re...
FreeBSD : FreeBSD -- Missing error handling in bhyve(8) device models (a6d5d4c1-0564-11ec-b69d-4062311215d5)
Certain VirtIO-based device models failed to handle errors when fetching I/O descriptors. Such errors could be triggered by a malicious guest. As a result, the device model code could be tricked into operating on uninitialized I/O vectors, leading to memory corruption. Impact : A malicious guest...