diff --git a/superset/views/core.py b/superset/views/core.py
index 575e0deae..675b04126 100755
--- a/superset/views/core.py
+++ b/superset/views/core.py
@@ -9,7 +9,7 @@ import traceback
 from urllib import parse
 from flask import (
- flash, g, Markup, redirect, render_template, request, Response, url_for,
+ abort, flash, g, Markup, redirect, render_template, request, Response, url_for,
 )
 from flask_appbuilder import expose, SimpleFormView
 from flask_appbuilder.actions import action
@@ -1028,11 +1028,11 @@ class Superset(BaseSupersetView):
 # Include the slice_form_data if request from explore or slice calls
 # or if form_data only contains slice_id
 if slice_id and (use_slice_data or contains_only_slc_id):
- slc = db.session.query(models.Slice).filter_by(id=slice_id).first()
- slice_form_data = slc.form_data.copy()
-
- slice_form_data.update(form_data)
- form_data = slice_form_data
+ slc = db.session.query(models.Slice).filter_by(id=slice_id).one_or_none()
+ if slc:
+ slice_form_data = slc.form_data.copy()
+ slice_form_data.update(form_data)
+ form_data = slice_form_data
 update_time_range(form_data)
@@ -1068,6 +1068,8 @@ class Superset(BaseSupersetView):
 @expose('/slice//')
 def slice(self, slice_id):
 form_data, slc = self.get_form_data(slice_id, use_slice_data=True)
+ if not slc:
+ abort(404)
 endpoint = '/superset/explore/?form_data={}'.format(
 parse.quote(json.dumps(form_data)),
 )
@@ -2099,7 +2101,9 @@ class Superset(BaseSupersetView):
 else:
 qry = qry.filter_by(slug=dashboard_id)
- dash = qry.one()
+ dash = qry.one_or_none()
+ if not dash:
+ abort(404)
 datasources = set()
 for slc in dash.slices:
 datasource = slc.datasource
diff --git a/tests/core_tests.py b/tests/core_tests.py
index 70b634166..2acd842c4 100644
--- a/tests/core_tests.py
+++ b/tests/core_tests.py
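Review bot: A slice id that matches no row now passes silently through the `if slc:` guard in the `@@ -1028` hunk: `one_or_none()` leaves `slc` as `None` and the function carries on with only the request-supplied `form_data`. In this diff only `slice()` (the `@@ -1068` hunk) checks the result, so any other caller that passes a slice id has to handle a missing slice itself; those callers are outside the visible hunks and worth confirming. I would record the contract above the guard, e.g. `# slc is None when slice_id matches no row; callers decide whether that is a 404`. The function starts and ends outside this hunk, including whatever initialises `slc` when the branch is not taken.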
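Review bot: `qry.one_or_none()` in the `@@ -2099` hunk still raises `MultipleResultsFound` when more than one row matches, so the `filter_by(slug=dashboard_id)` branch only avoids an unhandled error if slugs are unique at the schema level, which this hunk does not show. If that constraint exists, a comment such as `# slug is unique, so at most one row can match` would record the assumption; if it does not, that case needs its own handling. The `abort(404)` also runs before the loop over `dash.slices`, and where the access checks sit is not visible here, so confirm that the not-found response cannot tell an unauthorised caller which ids or slugs exist. The enclosing view starts and ends outside this hunk.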
@@ -62,6 +62,10 @@ class CoreTests(SupersetTestCase):
 data=dict(username='admin', password='wrongPassword'))
 self.assertIn('User confirmation needed', resp)
+ def test_dashboard_endpoint(self):
+ resp = self.client.get('/superset/dashboard/-1/')
+ assert resp.status_code == 404
+
 def test_slice_endpoint(self):
 self.login(username='admin')
 slc = self.get_slice('Girls', db.session)
@@ -74,6 +78,9 @@ class CoreTests(SupersetTestCase):
 '/superset/slice/{}/?standalone=true'.format(slc.id))
 assert 'List Roles' not in resp
+ resp = self.client.get('/superset/slice/-1/')
+ assert resp.status_code == 404
+
 def test_cache_key(self):
 self.login(username='admin')
 slc = self.get_slice('Girls', db.session)
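Review bot: `test_dashboard_endpoint` sends its request without calling `self.login(...)`, unlike `test_slice_endpoint` directly below it, so the asserted 404 depends on whatever session state `self.client` carries or on the dashboard view answering anonymous requests. Make the precondition explicit by starting the test with `self.login(username='admin')`, and if anonymous behaviour matters, assert it in a separate test. Both new checks use `-1`; if the dashboard view picks its id branch by a digit check (outside the visible hunks), that value only exercises the slug lookup shown in the `@@ -2099` hunk of `superset/views/core.py`, and a numeric id with no matching row would be needed to cover the other path.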