目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CWE-248 未捕获的异常 类漏洞列表 153

CWE-248 未捕获的异常 类弱点 153 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-248 属于未捕获异常漏洞,指函数抛出异常但未被代码正确捕获处理。攻击者通常通过构造特定输入触发异常,导致程序崩溃引发拒绝服务,或泄露堆栈跟踪等敏感信息。开发者应通过完善异常处理机制,使用 try-catch 块包裹潜在风险代码,并记录详细日志而非直接暴露内部细节,从而提升系统稳定性与安全性。

MITRE CWE 官方描述
CWE:CWE-248 未捕获异常 (Uncaught Exception) 英文:函数中抛出了异常,但该异常未被捕获。 当异常未被捕获时,可能导致程序崩溃或暴露敏感信息。
常见影响 (1)
Availability, ConfidentialityDoS: Crash, Exit, or Restart, Read Application Data
An uncaught exception could cause the system to be placed in a state that could lead to a crash, exposure of sensitive information or other unintended behaviors.
代码示例 (2)
The following example attempts to resolve a hostname.
protected void doPost (HttpServletRequest req, HttpServletResponse res) throws IOException { String ip = req.getRemoteAddr(); InetAddress addr = InetAddress.getByName(ip); ... out.println("hello " + addr.getHostName()); }
Bad · Java
The _alloca() function allocates memory on the stack. If an allocation request is too large for the available stack space, _alloca() throws an exception. If the exception is not caught, the program will crash, potentially enabling a denial of service attack. _alloca() has been deprecated as of Microsoft Visual Studio 2005(R). It has been replaced with the more secure _alloca_s().
CVE ID标题CVSS风险等级Published
CVE-2026-41585 ZEBRA 认证客户端中断JSON-RPC请求导致拒绝服务漏洞 — zebra--2026-05-08
CVE-2026-7183 UERANSIM 安全漏洞 — UERANSIM 5.3 Medium2026-04-27
CVE-2026-5937 Foxit PDF Reader和Foxit PDF Editor 安全漏洞 — Foxit PDF Editor 5.5 Medium2026-04-27
CVE-2026-35348 uutils coreutils 安全漏洞 — coreutils 5.5 Medium2026-04-22
CVE-2026-34944 wasmtime 安全漏洞 — wasmtime 7.5AIHighAI2026-04-09
CVE-2026-34943 wasmtime 安全漏洞 — wasmtime 7.5AIHighAI2026-04-09
CVE-2026-24175 NVIDIA Triton Inference Server 安全漏洞 — Triton Inference Server 7.5 High2026-04-07
CVE-2026-34986 Go JOSE 安全漏洞 — go-jose 7.5 High2026-04-06
CVE-2026-34752 Haraka 安全漏洞 — Haraka 5.3AIMediumAI2026-04-02
CVE-2026-33203 SiYuan 访问控制错误漏洞 — siyuan 7.5 High2026-03-20
CVE-2026-32770 Parse Server 安全漏洞 — parse-server 5.9 Medium2026-03-18
CVE-2026-32314 Yamux 安全漏洞 — rust-yamux 7.5AIHighAI2026-03-13
CVE-2026-31949 LibreChat 安全漏洞 — LibreChat 6.5 Medium2026-03-13
CVE-2026-2229 undici 安全漏洞 — undici 7.5 High2026-03-12
CVE-2026-1528 undici 安全漏洞 — undici 7.5 High2026-03-12
CVE-2026-31870 cpp-httplib 安全漏洞 — cpp-httplib 7.5 High2026-03-11
CVE-2026-31812 Quinn 安全漏洞 — quinn 7.5 -2026-03-10
CVE-2026-20068 Cisco Secure Firewall Threat Defense和Cisco IOS XE Software 安全漏洞 — Cisco Cyber Vision 5.8 Medium2026-03-04
CVE-2026-20031 Cisco Secure Endpoint 安全漏洞 — Cisco Secure Endpoint 5.3 Medium2026-03-04
CVE-2026-27631 Exiv2 安全漏洞 — exiv2 5.5AIMediumAI2026-03-02
CVE-2026-1507 AVEVA PI Data Archive PI Server 安全漏洞 — PI Data Archive PI Server 7.5 High2026-02-10
CVE-2026-25577 Emmett-Core 安全漏洞 — core 7.5 High2026-02-10
CVE-2025-13064 AXIS Camera Station Pro 安全漏洞 — AXIS Camera Station Pro 4.5 Medium2026-02-10
CVE-2025-67647 SvelteKit 代码问题漏洞 — kit 7.5AIHighAI2026-01-15
CVE-2025-66578 Xmlseclibs 安全漏洞 — xmlseclibs 6.0 Medium2025-12-09
CVE-2025-20758 MediaTek Chipsets 安全漏洞 — MT2735, MT2737, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8673, MT8675, MT8676, MT8678, MT8755, MT8771, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 7.5AIHighAI2025-12-02
CVE-2025-20754 MediaTek Chipsets 安全漏洞 — MT2735, MT2737, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8673, MT8675, MT8676, MT8678, MT8755, MT8771, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 7.5AIHighAI2025-12-02
CVE-2025-20753 MediaTek Chipsets 安全漏洞 — MT2735, MT2737, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT8675, MT8771, MT8791, MT8791T, MT8797 7.5AIHighAI2025-12-02
CVE-2025-66305 Grav 安全漏洞 — grav 4.9AIMediumAI2025-12-01
CVE-2025-8870 Arista EOS 安全漏洞 — EOS 4.9 Medium2025-11-14

CWE-248(未捕获的异常) 是常见的弱点类别,本平台收录该类弱点关联的 153 条 CVE 漏洞。