Common Weakness Enumeration

CWE-252

Allowed

Unchecked Return Value

Abstraction: Base · Status: Draft

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

227 vulnerabilities reference this CWE, most recent first.

GHSA-GQ3X-86G7-5JRC

Vulnerability from github – Published: 2022-05-13 01:10 – Updated: 2022-05-13 01:10
VLAI
Details

The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-10060"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-02T21:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.",
  "id": "GHSA-gq3x-86g7-5jrc",
  "modified": "2022-05-13T01:10:27Z",
  "published": "2022-05-13T01:10:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10060"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410470"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/95208"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GR75-MCWQ-HXV5

Vulnerability from github – Published: 2026-01-22 15:31 – Updated: 2026-01-22 15:31
VLAI
Details

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an individual with existing knowledge of a victim's credential ID to bypass two-factor authentication by submitting forged device responses.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-0723"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-22T15:16:50Z",
    "severity": "HIGH"
  },
  "details": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an individual with existing knowledge of a victim\u0027s credential ID to bypass two-factor authentication by submitting forged device responses.",
  "id": "GHSA-gr75-mcwq-hxv5",
  "modified": "2026-01-22T15:31:32Z",
  "published": "2026-01-22T15:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0723"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3476052"
    },
    {
      "type": "WEB",
      "url": "https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/585333"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GRC3-8Q8M-4J7C

Vulnerability from github – Published: 2022-02-09 22:37 – Updated: 2024-01-31 15:12
VLAI
Summary
Improper privilege handling in Apache Accumulo
Details

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and 'canPerformSystemActions' security functions are not checked in some instances, therefore allowing an authenticated user with insufficient permissions to perform the following actions: flushing a table, shutting down Accumulo or an individual tablet server, and setting or removing system-wide Accumulo configuration properties.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.accumulo:accumulo-master"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.5.0"
            },
            {
              "fixed": "1.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.accumulo:accumulo-master"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.0.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2020-17533"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252",
      "CWE-280",
      "CWE-732"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-07T22:41:39Z",
    "nvd_published_at": "2020-12-29T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the \u0027canFlush\u0027 and \u0027canPerformSystemActions\u0027 security functions are not checked in some instances, therefore allowing an authenticated user with insufficient permissions to perform the following actions: flushing a table, shutting down Accumulo or an individual tablet server, and setting or removing system-wide Accumulo configuration properties.",
  "id": "GHSA-grc3-8q8m-4j7c",
  "modified": "2024-01-31T15:12:56Z",
  "published": "2022-02-09T22:37:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-17533"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/accumulo/commit/56142a89952533fef922fa86739a879c073e7c2a"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/accumulo/commit/877ad502f6857e48342664e4b0ce83db74e4cda4"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/accumulo"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf8c1a787b6951d3dacb9ec58f0bf1633790c91f54ff10c6f8ff9d8ed%40%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf8c1a787b6951d3dacb9ec58f0bf1633790c91f54ff10c6f8ff9d8ed%40%3Cuser.accumulo.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf8c1a787b6951d3dacb9ec58f0bf1633790c91f54ff10c6f8ff9d8ed@%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2020/12/29/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper privilege handling in Apache Accumulo"
}

GHSA-GRH8-RG86-H558

Vulnerability from github – Published: 2024-08-14 15:31 – Updated: 2025-11-04 00:31
VLAI
Details

Unchecked return value in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-40067"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-14T14:15:13Z",
    "severity": "MODERATE"
  },
  "details": "Unchecked return value in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable escalation of privilege via physical access.",
  "id": "GHSA-grh8-rg86-h558",
  "modified": "2025-11-04T00:31:11Z",
  "published": "2024-08-14T15:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40067"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20241108-0003"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00999.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:L/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-GRP6-R7RQ-FPC3

Vulnerability from github – Published: 2022-05-13 01:21 – Updated: 2022-05-13 01:21
VLAI
Details

In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-10902"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-09T04:29:00Z",
    "severity": "HIGH"
  },
  "details": "In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.",
  "id": "GHSA-grp6-r7rq-fpc3",
  "modified": "2022-05-13T01:21:57Z",
  "published": "2022-05-13T01:21:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10902"
    },
    {
      "type": "WEB",
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15619"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=95571f17d5e2de39735e62e5251583f930c06d51"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4LYIOOQIMFQ3PA7AFBK4DNXHISTEYUC5"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU3QA2DUO3XS24QE24CQRP4A4XQQY76R"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2019-16.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107836"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H47X-XW68-3M46

Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2025-04-20 03:34
VLAI
Details

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04 LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04 LTS.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-6964"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-28T01:59:00Z",
    "severity": "HIGH"
  },
  "details": "dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04 LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04 LTS.",
  "id": "GHSA-h47x-xw68-3m46",
  "modified": "2025-04-20T03:34:56Z",
  "published": "2022-05-13T01:46:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6964"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.net/bugs/1673627"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2017/dsa-3823"
    },
    {
      "type": "WEB",
      "url": "https://www.ubuntu.com/usn/usn-3246-1"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-3823"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97154"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HJWW-HMP9-XPPJ

Vulnerability from github – Published: 2026-03-25 12:30 – Updated: 2026-05-28 15:39
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: SDCA: Add allocation failure check for Entity name

Currently find_sdca_entity_iot() can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23301"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T11:16:25Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SDCA: Add allocation failure check for Entity name\n\nCurrently find_sdca_entity_iot() can allocate a string for the\nEntity name but it doesn\u0027t check if that allocation succeeded.\nAdd the missing NULL check after the allocation.",
  "id": "GHSA-hjww-hmp9-xppj",
  "modified": "2026-05-28T15:39:37Z",
  "published": "2026-03-25T12:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23301"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/27990181031fdcdbe0f7c46011f6404e5d116386"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bdcc10a86055beb7109a786d94abf5626f375bbd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HPC3-58QP-H295

Vulnerability from github – Published: 2023-02-18 00:31 – Updated: 2023-02-28 21:30
VLAI
Details

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of qnotify at pci_vtrnd_notify fails to check the return value of vq_getchain. This leads to struct iovec iov; being uninitialized and used to read memory in len = (int) read(sc->vrsc_fd, iov.iov_base, iov.iov_len); when an attacker is able to make vq_getchain fail. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit 41272a980197917df8e58ff90642d14dec8fe948.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-32845"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252",
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-17T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of `qnotify` at `pci_vtrnd_notify` fails to check the return value of `vq_getchain`. This leads to `struct iovec iov;` being uninitialized and used to read memory in `len = (int) read(sc-\u003evrsc_fd, iov.iov_base, iov.iov_len);` when an attacker is able to make `vq_getchain` fail. This issue may lead to a guest crashing the host causing a denial of service and, under certain circumstance, memory corruption. This issue is fixed in commit 41272a980197917df8e58ff90642d14dec8fe948.",
  "id": "GHSA-hpc3-58qp-h295",
  "modified": "2023-02-28T21:30:17Z",
  "published": "2023-02-18T00:31:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32845"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moby/hyperkit/pull/313"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moby/hyperkit/commit/41272a980197917df8e58ff90642d14dec8fe948"
    },
    {
      "type": "ADVISORY",
      "url": "https://securitylab.github.com/advisories/GHSL-2021-054_057-moby-hyperkit"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HW3P-W63H-MJ9C

Vulnerability from github – Published: 2022-05-24 17:37 – Updated: 2022-05-24 17:37
VLAI
Details

An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as required by the design of the API.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-15523"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-30T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as required by the design of the API.",
  "id": "GHSA-hw3p-w63h-mj9c",
  "modified": "2022-05-24T17:37:34Z",
  "published": "2022-05-24T17:37:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15523"
    },
    {
      "type": "WEB",
      "url": "https://github.com/LINBIT/csync2/pull/13/commits/92742544a56bcbcd9ec99ca15f898b31797e39e2"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00003.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J3QC-3VF3-5GCH

Vulnerability from github – Published: 2022-09-13 00:00 – Updated: 2022-09-16 00:00
VLAI
Details

Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-31225"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-12T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.",
  "id": "GHSA-j3qc-3vf3-5gch",
  "modified": "2022-09-16T00:00:31Z",
  "published": "2022-09-13T00:00:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31225"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/000202196"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-53
Implementation

Check the results of all functions that return a value and verify that the value is expected.

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Implementation

Ensure that you account for all possible return values from the function.

Mitigation
Implementation

When designing a function, make sure you return a value or throw an exception in case of an error.

No CAPEC attack patterns related to this CWE.