CWE-703 151 個 CVE MITRE 定義 ↗

CWE-703:Improper Check or Handling of Exceptional Conditions

概覽

CWE-703(Improper Check or Handling of Exceptional Conditions)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

適用平台

類型 名稱 普遍性 OS / CPE
language Not Language-Specific Undetermined
technology Not Technology-Specific Undetermined

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2026-51600 2026-07-09 Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP requests (including DESCRIBE, SETUP, and PLAY methods). When a request carrying a Content-Length header is …
CVE-2026-56338 2026-06-24 Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authentication due to captcha validation failures. Authent…
CVE-2026-12324 2026-06-16 Incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
CVE-2026-44893 2026-06-12 Netty is a network application framework for development of protocol servers and clients. In netty-codec-haproxy prior to versions 4.1.135.Final and 4.2.15.Final, when decoding a PP2_TYPE_SSL TLV, HAP…
CVE-2026-47316 2026-05-19 Improper Check or Handling of Exceptional Conditions vulnerability in Samsung Open Source Escargot allows Input Data Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d…
CVE-2026-29643 2026-04-20 XiangShan (Open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) contains an improper exceptional-condition handling flaw in its CSR subsystem (Ne…
CVE-2026-34388 2026-03-27 Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Launcher endpoint allows an authenticated host to crash the entire Fleet server proc…
CVE-2026-31794 2026-03-10 iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault from invalid/wild pointer read in CIccCLUT::Interp3d() caus…
CVE-2026-31793 2026-03-10 iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault due to invalid/wild pointer read in CIccCalculatorFunc::App…
CVE-2025-59787 2026-03-04 2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input…
CVE-2026-0011 2026-03-02 In enableSystemPackageLPw of Settings.java, there is a possible way to prevent location access from working due to a logic error in the code. This could lead to local escalation of privilege with no a…
CVE-2026-28407 2026-02-27 malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extra…
CVE-2026-20640 2026-02-11 An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to iPhone may be able to take and v…
CVE-2025-46290 2026-02-11 A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, visionOS 2…
CVE-2026-1996 2026-02-10 Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection.
CVE-2025-70758 2026-02-03 chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/auth_validate.php. The application sends an HTTP redirect via header(Location:login.p…
CVE-2025-65017 2026-02-03 Decidim is a participatory democracy framework. In versions from 0.30.0 to before 0.30.4 and from 0.31.0.rc1 to before 0.31.0, the private data exports can lead to data leaks in case the UUID generati…
CVE-2026-21720 2026-01-27 Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops li…
CVE-2025-68135 2026-01-21 EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the `TbdController` loop, leading to its caller and itself to silently terminat…
CVE-2026-21895 2026-01-08 The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one o…

曾用名

  • Failure to Handle Exceptional Conditions (2010-12-13)

內容提交

名稱
CWE Content Team
組織
MITRE
日期
2008-09-09
版本
1.0
評論
Note: this date reflects when the entry was first published. Draft versions of this entry were provided to members of the CWE community and modified between Draft 9 and 1.0.

內容修訂

日期 名稱 版本 重要性 評論
2008-07-01 Eric Dalci 1.0 updated Time_of_Introduction
2009-03-10 CWE Content Team 1.3 updated Relationships
2009-10-29 CWE Content Team 1.6 updated Other_Notes
2010-02-16 CWE Content Team 1.8 updated Relationships
2010-12-13 CWE Content Team 1.11 updated Name, Relationship_Notes
2011-03-29 CWE Content Team 1.12 updated Relationships
2011-06-01 CWE Content Team 1.13 updated Common_Consequences, Relationships, Taxonomy_Mappings
2011-06-27 CWE Content Team 2.0 updated Common_Consequences
2011-09-13 CWE Content Team 2.1 updated Relationships, Taxonomy_Mappings
2012-05-11 CWE Content Team 2.2 updated References, Relationships, Taxonomy_Mappings
2014-07-30 CWE Content Team 2.8 updated Detection_Factors, Relationships
2017-01-19 CWE Content Team 2.10 updated Relationships
2017-11-08 CWE Content Team 3.0 updated Applicable_Platforms, Modes_of_Introduction, References, Relationships, Taxonomy_Mappings
2019-01-03 CWE Content Team 3.2 updated Relationships, Taxonomy_Mappings
2019-06-20 CWE Content Team 3.3 updated Relationships
2020-02-24 CWE Content Team 4.0 updated Applicable_Platforms, Relationships, Type
2020-08-20 CWE Content Team 4.2 updated Relationships
2020-12-10 CWE Content Team 4.3 updated Relationships
2021-07-20 CWE Content Team 4.5 updated Relationships
2021-10-28 CWE Content Team 4.6 updated Relationships
2022-04-28 CWE Content Team 4.7 updated Relationships
2023-01-31 CWE Content Team 4.10 updated Description, Relationships
2023-04-27 CWE Content Team 4.11 updated References, Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes, Relationships
2023-10-26 CWE Content Team 4.13 updated Observed_Examples
2024-02-29 CWE Content Team 4.14 updated Demonstrative_Examples, Observed_Examples, References, Relationships
2025-04-03 CWE Content Team 4.17 updated Demonstrative_Examples
2025-09-09 CWE Content Team 4.18 updated Detection_Factors, References
2025-12-11 CWE Content Team 4.19 updated Diagram, Relationships, Weakness_Ordinalities
cvelogic Threat Intelligence