Skip to main content

CWE-167

Improper Handling of Additional Special Element

5 CVEs Avg CVSS 6.4 MITRE
0
CRITICAL
2
HIGH
3
MEDIUM
0
LOW
2
POC
0
KEV

Monthly

CVE-2025-25006 MEDIUM This Month

Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Exchange Server
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-30656 HIGH This Week

An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Buffer Overflow Junos
NVD
CVSS 4.0
8.7
EPSS
0.4%
CVE-2023-4809 HIGH This Week

In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Freebsd
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-3580 MEDIUM POC PATCH This Month

Improper Handling of Additional Special Element in GitHub repository squidex/squidex prior to 7.4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Squidex
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-0643 MEDIUM POC PATCH This Month

Improper Handling of Additional Special Element in GitHub repository squidex/squidex prior to 7.4.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Squidex
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Exchange Server
NVD
EPSS 0% CVSS 8.7
HIGH This Week

An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Buffer Overflow Junos
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Freebsd
NVD
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Improper Handling of Additional Special Element in GitHub repository squidex/squidex prior to 7.4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Squidex
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Improper Handling of Additional Special Element in GitHub repository squidex/squidex prior to 7.4.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Squidex
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy