Skip to main content

CWE-232

Improper Handling of Undefined Values

10 CVEs Avg CVSS 6.7 MITRE
0
CRITICAL
5
HIGH
5
MEDIUM
0
LOW
1
POC
0
KEV

Monthly

CVE-2025-20314 MEDIUM This Month

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2025-40775 HIGH PATCH This Week

When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Red Hat Suse
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-20192 HIGH This Month

A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Cisco Apple
NVD
CVSS 3.1
7.7
EPSS
0.6%
CVE-2023-39915 HIGH This Week

NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Routinator
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-39914 Cargo HIGH PATCH This Week

NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bcder
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-36848 MEDIUM This Month

An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-2968 npm HIGH POC PATCH This Week

A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Proxy
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-22213 MEDIUM This Month

A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2021-3718 MEDIUM This Month

A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Thinkpad 11E 3Rd Gen Firmware Thinkpad 11E 4Th Gen I3 Firmware Thinkpad 11E 4Th Gen I7 Firmware Thinkpad 11E 4Th Gen I5 Firmware +35
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2021-34705 MEDIUM This Month

A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Microsoft Authentication Bypass iOS +1
NVD
CVSS 3.1
5.3
EPSS
1.0%
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Red Hat Suse
NVD
EPSS 1% CVSS 7.7
HIGH This Month

A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Cisco +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Routinator
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bcder
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Proxy
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Juniper Denial Of Service Junos +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Thinkpad 11E 3Rd Gen Firmware Thinkpad 11E 4Th Gen I3 Firmware +37
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Microsoft +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy