CVEbaza.plSłownik CWECWE-240
Common Weakness Enumeration

CWE-240

Improper Handling of Inconsistent Structural Elements

Kategoria: BaseCVE: 5
Opis

Produkt nie obsługuje lub nieprawidłowo obsługuje sytuacje, gdy dwa lub więcej elementy strukturalne powinny być spójne, ale nie są. Prowadzi to do potencjalnych błędów lub luk w zabezpieczeniach.

Description (EN)

The product does not handle or incorrectly handles when two or more structural elements should be consistent, but are not.

Podatności CVE z CWE-240 (5)
7.5
CVSS
HIGH
CVE-2023-39914

NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding.

pub. 2023-09-13
7.5
CVSS
HIGH
CVE-2023-39915

NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914.

pub. 2023-09-13
7.5
CVSS
HIGH
CVE-2021-31890

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)

pub. 2021-11-09
7.1
CVSS
HIGH
CVE-2025-4321

In a Bluetooth device, using RS9116-WiseConnect SDK experiences a Denial of Service, if it receives malformed L2CAP packets, only hard reset will bring the device to normal operation

pub. 2025-11-17
6.5
CVSS
MEDIUM
CVE-2022-40957

Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.<br>*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

pub. 2022-12-22
Informacje
ID: CWE-240
Typ: Base
Podatności: 5
MITRE CWE ↗
← Słownik CWE