158 vulnerabilities classified as CWE-755 (对异常条件的处理不恰当). AI Chinese analysis included.
CWE-755 represents a critical software weakness where applications fail to properly manage unexpected or exceptional runtime conditions, such as network timeouts, resource exhaustion, or invalid input states. This flaw typically allows attackers to exploit the lack of robust error handling by triggering specific exceptions that cause the system to crash, leak sensitive internal stack traces, or enter an unstable state. By carefully crafting inputs that induce these exceptional conditions, adversaries can achieve denial of service or potentially escalate privileges if the application behaves unpredictably during failure recovery. To mitigate this risk, developers must implement comprehensive exception handling mechanisms that validate inputs, ensure graceful degradation, and log errors securely without exposing internal details. Utilizing defensive programming practices and rigorous testing ensures that the software remains stable and secure even when encountering unforeseen operational anomalies.
protected void doPost (HttpServletRequest req, HttpServletResponse res) throws IOException { String ip = req.getRemoteAddr(); InetAddress addr = InetAddress.getByName(ip); ... out.println("hello " + addr.getHostName()); }foo=malloc(sizeof(char)); //the next line checks to see if malloc failed if (foo==NULL) { //We do nothing so we just ignore the error. }foo=malloc(sizeof(char)); //the next line checks to see if malloc failed if (foo==NULL) { printf("Malloc failed to allocate memory resources"); return -1; }| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-6847 | 多款Schneider Electric产品安全漏洞 — Modicon M580, Modicon M340, and Modicon BMxCRA / 140CRA modules (see notification for version info) | 4.9 | - | 2019-10-29 |
| CVE-2019-6844 | 多款Schneider产品安全漏洞 — Modicon M580, Modicon M340, and Modicon BMxCRA / 140CRA modules (see notification for version info) | 4.9 | - | 2019-10-29 |
| CVE-2019-6843 | 多款Schneider Electric产品安全漏洞 — Modicon M580, Modicon M340, and Modicon BMxCRA / 140CRA modules (see notification for version info) | 4.9 | - | 2019-10-29 |
| CVE-2019-6842 | 多款Schneider Electric产品安全漏洞 — Modicon M580, Modicon M340, and Modicon BMxCRA / 140CRA modules (see notification for version info) | 4.9 | - | 2019-10-29 |
| CVE-2019-6841 | 多款Schneider产品安全漏洞 — Modicon M580, Modicon M340, and Modicon BMxCRA / 140CRA modules (see notification for version info) | 4.9 | - | 2019-10-29 |
| CVE-2019-0051 | SRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature. — Junos OS | 6.5 | Medium | 2019-10-09 |
| CVE-2019-8462 | Check Point R80.30 Security Gateway 安全漏洞 — Check Point Security Gateway | 7.5 | - | 2019-10-02 |
| CVE-2017-9658 | Philips IntelliVue MX40 Patient Worn Monitor 安全漏洞 — IntelliVue MX40 Patient Worn Monitor | 6.5 | - | 2018-04-30 |
Vulnerabilities classified as CWE-755 (对异常条件的处理不恰当) represent 158 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.