Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-11692

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-30 Jul, 2017 | 17:00
Updated At-05 Aug, 2024 | 18:19
Rejected At-
Credits

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:30 Jul, 2017 | 17:00
Updated At:05 Aug, 2024 | 18:19
Rejected At:
▼CVE Numbering Authority (CNA)

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/jbeder/yaml-cpp/issues/519
x_refsource_MISC
https://security.gentoo.org/glsa/202007-14
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://github.com/jbeder/yaml-cpp/issues/519
Resource:
x_refsource_MISC
Hyperlink: https://security.gentoo.org/glsa/202007-14
Resource:
vendor-advisory
x_refsource_GENTOO
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/jbeder/yaml-cpp/issues/519
x_refsource_MISC
x_transferred
https://security.gentoo.org/glsa/202007-14
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://github.com/jbeder/yaml-cpp/issues/519
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://security.gentoo.org/glsa/202007-14
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:30 Jul, 2017 | 17:29
Updated At:20 Apr, 2025 | 01:37

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
yaml-cpp_project
yaml-cpp_project
>>yaml-cpp>>Versions up to 0.5.3(inclusive)
cpe:2.3:a:yaml-cpp_project:yaml-cpp:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-617Primarynvd@nist.gov
CWE ID: CWE-617
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/jbeder/yaml-cpp/issues/519cve@mitre.org
Exploit
Third Party Advisory
https://security.gentoo.org/glsa/202007-14cve@mitre.org
N/A
https://github.com/jbeder/yaml-cpp/issues/519af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
https://security.gentoo.org/glsa/202007-14af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://github.com/jbeder/yaml-cpp/issues/519
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/202007-14
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/jbeder/yaml-cpp/issues/519
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/202007-14
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

133Records found
CVE-2006-5779
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-51.90% / 97.82%
||
7 Day CHG~0.00%
Published-07 Nov, 2006 | 18:00
Updated-07 Aug, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.

Action-Not Available
Vendor-openldapn/aCanonical Ltd.
Product-ubuntu_linuxopenldapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2006-4574
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-6.82% / 90.95%
||
7 Day CHG~0.00%
Published-28 Oct, 2006 | 00:00
Updated-17 Jan, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-193
Off-by-one Error
CWE ID-CWE-617
Reachable Assertion
CVE-2006-4095
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-9.41% / 92.48%
||
7 Day CHG~0.00%
Published-06 Sep, 2006 | 00:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Action-Not Available
Vendor-n/aInternet Systems Consortium, Inc.Apple Inc.Canonical Ltd.
Product-mac_os_x_servermac_os_xubuntu_linuxbindn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11653
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 63.95%
||
7 Day CHG+0.02%
Published-08 Apr, 2020 | 00:00
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.

Action-Not Available
Vendor-varnish-cachevarnish-softwaren/aDebian GNU/LinuxopenSUSE
Product-varnish_cachedebian_linuxbackports_sleleapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-27382
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.27%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 19:14
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order.

Action-Not Available
Vendor-n/aMariaDB Foundation
Product-mariadbn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-27448
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.29%
||
7 Day CHG~0.00%
Published-14 Apr, 2022 | 12:56
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc.

Action-Not Available
Vendor-n/aMariaDB FoundationDebian GNU/Linux
Product-debian_linuxmariadbn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-21778
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.53% / 66.38%
||
7 Day CHG~0.00%
Published-25 Aug, 2021 | 18:27
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability.

Action-Not Available
Vendor-mz-automationn/a
Product-lib60870MZ Automation"
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11218
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.06%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwareqca8337qfs2530qpm8870_firmwarepm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwarepm7150lqpa8821pm8998_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwarepm855pqca6420apq8053_firmwarepm6150apm660_firmwarepm8150bsa8155_firmwareqfe2101qca6430qat3522pmr735awcd9340sd765gsdr660sdr865qdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresd_8cxqfe3340qdm5621qtc800ssd865_5g_firmwaresd712pm640p_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwaresd632_firmwareqpa8842sdr052_firmwarewcd9380qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwarepm7250qpa8803sdx24_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwarewcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwarepm4250qpm5577wtr2965sa2150pqca6391_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwareqpa8803_firmwarewcn3660pm855bsmb2351qln1031pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500csrb31024pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqcs4290pmm855auqca6420_firmwarepm7150asd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwarewcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarepm8940qsm7250_firmwarepm7150l_firmwareqca6584auqat5515_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qpm5677wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqca6390wcd9375aqt1000sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qcm6125_firmwarepmx55_firmwarewtr2955_firmwareqfe4373fc_firmwaresd865_5gpm8150_firmwareqpm8830qat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361qpm5577_firmwareqdm5679_firmwaresmr525qfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqat3555wtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801ssc8180x_firmwaresd710pm8008_firmwarepmr735a_firmwarepmx50sdr8250sd768gpm8004pm640lmsm8940pmk8002sd845qcs410_firmwareqpa5580qpm5579fsm10055qfe2550qcs610qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290msm8917qcs605_firmwaresd_675_firmwareqdm5671pmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwarepm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000wcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwarepm8940_firmwareqdm3301_firmwareqsm7250qcs6125sd662_firmwareqdm2308_firmwareqca6436qcs603_firmwareqpa6560sdr675_firmwarewcn3660_firmwarewcd9341pmi8952pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052smb1390qet4100qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650wgr7640qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwaresmb1351_firmwaresdx50m_firmwaresmb1395pm660lsmr526qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqsw8573qcs605wcn3910qca6426_firmwarewcn3660b_firmwareqfe4309pm8009qpa8675sdr051_firmwaresdx55mqca6421_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574pm855lqdm5670_firmwarepm7150a_firmwarepm8150b_firmwareqfe4302pmc1000h_firmwareqdm2310_firmwarepm4250_firmwaresd870pm670qdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwaresd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qet5100_firmwareqpa5373pm670l_firmwaresdr660gsd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwarepm3003awcn3680b_firmwareqca6595auqca6436_firmwaresmb1354qca6564au_firmwareqdm2305qpm8820pm8937qln5020_firmwaresa515m_firmwaresdxr2_5gsdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarear8035qpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqfe4302_firmwarewcn6850_firmwarepmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527sdx24qdm2307_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca6174aqfe4303_firmwarewcn6750qet5100m_firmwareqpm4650qtm525sa515msa2150p_firmwaresd855sm4125_firmwareqfe4305pm640psd768g_firmwaresdr865_firmwarepm8250_firmwarepm6250sd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwaremsm8920qpm8895_firmwareqcm4290sdx50mpm640asdr8150msm8920_firmwaresmb1395_firmwareqca6574ausa8155p_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqdm2308qat3550qdm5679sd_8cwcn3680bpm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sm7250psd720g_firmwareqln4640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-1937
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.06%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca2066sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwareqcn5124qca4024_firmwarewcn3950_firmwaresc8180x\+sdx55ipq8078asa8150p_firmwareqca6595au_firmwaresa6155qca6335qca2062qcn5064sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125ipq8076aqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qca6438_firmwareipq8070_firmwarewhs9410_firmwareipq8078a_firmwarewcn3999ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareqcs405qca6430wcd9340sdm830_firmwaresd765gqca6436wcn6851sa6155pqca9888_firmwarewcd9341qca2066_firmwareqca6431qca6696_firmwarewcd9371sd870_firmwaresd750gqca1062qcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca9980_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwaresdx50m_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910sd_8c_firmwareqca6426_firmwareqca9984ipq6028ipq8064qcn9024pmp8074wcn3980_firmwarewcn6745_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwareqca6421_firmwareqca2062_firmwareqcn5064_firmwaresd678_firmwarear8031_firmwareipq8078_firmwareqcn5054wcn6851_firmwareipq8070qca9994qca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwaresd480sd870wcn6855qcn5121_firmwareqcs610_firmwaresa6145pipq6018sdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwareqca2064sdx55qcn5021_firmwaresa8155pcsra6640sd675ar8035_firmwareqcn5024_firmwarewcn3991_firmwarewsa8830sd678qcn9070sa8145p_firmwareqca1062_firmwarecsrb31024sd_636csra6620qcn9072qca9992sd765g_firmwareqca6420_firmwareipq8069_firmwareqca6390_firmwareqca2064_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwarewcn6745ipq8074aqca2065sd662qcn5124_firmwareqca1064sa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310ipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421sd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023ipq8071aipq8071a_firmwarewcd9385qca2065_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sc8180x\+sdx55_firmwaresm6250_firmwarecsr8811qcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqcm6125_firmwareqca8072wcn3990qcn9000sd_675sd865_5gqca6595ar9380_firmwareqcn9012wsa8835sd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwarewcn6855_firmwareqca9889sm7325pqca9888qca6310_firmwareipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665ipq8076qca6175asd765qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100csrb31024_firmwaresdx50mqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaresd_455ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwareqcm6125wsa8810wcn6856sd_8cqcn5022sd768gipq6010_firmwareqca1064_firmwareqca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwaresm7250psdm830ipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2021-20272
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.20% / 83.76%
||
7 Day CHG~0.00%
Published-09 Mar, 2021 | 13:10
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.

Action-Not Available
Vendor-privoxyn/aDebian GNU/Linux
Product-privoxydebian_linuxprivoxy
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11296
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.06%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqpm5679_firmwarepmd9607_firmwareqca1023qfs2530qpm8870_firmwareqln1030pm6125mdm9645msm8992_firmwarewcn3950_firmwarepm8150aqdm5670qpm5541_firmwareqpa5581_firmwareqpa8821mdm8215qcs6125_firmwarepm456_firmwaresa415mwcn3998wcd9371_firmwarewcn3950mdm9206_firmwareqsw8573_firmwarewcn3660bqsm8350_firmwareqsm8350smb2351_firmwarepm855pwtr4605_firmwarepm6150aqca9367_firmwareipq8072_firmwaresa8155_firmwareipq8068qat3522qfe4455fcpmr735asdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020qca1062mdm8215_firmwarepmm855au_firmwaresd_8cxpmm8920ausa8150pqfe3340sd660sd712pm640p_firmwareqcn5121pm6150lpm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwareqca4531_firmwareqfe3335_firmwareqpa8801ipq8078qat5533_firmwareipq8173sdx55m_firmwareqpa8673_firmwaresd670_firmwareqfs2630pmm8996auqpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250wtr4905sdx24_firmwareqcn9012_firmwareqdm2301qca9890_firmwareqfe2101_firmwareqca6584_firmwareqdm5621_firmwareqpm6375sd_8c_firmwareipq6028ipq8064pmp8074qca1990wcn3980_firmwaresd730qfe3320_firmwarepm8008pm8350b_firmwaremdm9225pme605_firmwarepme605apq8064au_firmwaremdm9225mipq8078_firmwareqcn5054qln1021aq_firmwareqcs603qca6164_firmwareqln4640_firmwareqca9980qpm6582qcn9024_firmwareqcs610_firmwareapq8084_firmwareqca9886_firmwarear8031wtr2965qca6164qca6391_firmwarepmx20_firmwareqca4024qat3516_firmwareapq8053qcn5021_firmwareqca9379pm855bsmb2351qpa5581qfe1040_firmwarecsrb31024qca9563_firmwaremdm9628_firmwaremdm9650qbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmd9635_firmwareapq8009_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6426qca9984_firmwareqca9377qpm5641sdxr2_5g_firmwarewtr2955rgr7640au_firmwarepm7250_firmwareqdm5620ipq8074aqca9982qcn5122_firmwareqat5533qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584aupm855pm8250qcn5052mdm9235m_firmwaremdm9607_firmwaremdm9655_firmwareqfs2530_firmwaresa415m_firmwareqat3519_firmwareqpm5677qat5515qca9982_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620mdm9625sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8994ipq5010_firmwareipq8074a_firmwaremdm9625msd888_5g_firmwaresmr525_firmwarewsa8815_firmwareqpm8820_firmwareapq8017qpm6621_firmwaremdm9630_firmwarewtr2955_firmwareqbt1000_firmwarepm8019qca6595smb1398_firmwareqca9896_firmwareipq8065_firmwarepm8150cpmr735bsd665_firmwareqcn5154qpm5577_firmwareqdm5679_firmwareqca6310_firmwareapq8094_firmwarepm6150l_firmwaremdm9615qca6574_firmwaresd665pm6150a_firmwarepmd9607mdm9310wtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqipq6028_firmwareipq8072a_firmwareqca9889_firmwaresd710mdm9607mdm9645_firmwareqln1035bd_firmwaresdx20m_firmwareqca6564_firmwareqca1064_firmwaresmb1350_firmwarepmk8002apq8096au_firmwareqcn9022sdm830smb1357qpa5580pm8018_firmwareqpm5579qfe2550qcn5550qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareipq8078asa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwareqln1020csra6640_firmwarepmc1000hqat3518smr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqca4020qca6428qdm5652qcn5164_firmwareipq8071sa6155_firmwarewcd9360sdx20mqca6438_firmwareqpa8675_firmwarewtr1625lqpa5460_firmwarewcn3999qsm7250pm8996ipq4029_firmwareipq6010sd662_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareipq8068_firmwarepmi8952mdm9655qca6431wcn3910_firmwareqfe1922sd855_firmwareqdm5650qfe2080fcsdr052sa8195p_firmwaresmb1390qca9898ipq4028qpa8686_firmwarewcd9380_firmwareqca7500_firmwarewgr7640csr6030qat5568qdm5671_firmwareqpa8801_firmwareqtm527_firmwarepm8005_firmwareqca9558pm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareipq4019_firmwaresmb358sar8151smr526qca8072_firmwareqca6174pmk8003qca6430_firmwareqtc801s_firmwareqat3522_firmwarewcn3980qsw8573qcs605qbt1000mdm9225_firmwaresd7cwcn3910qca6426_firmwarepm8350_firmwarepm8009ipq8064_firmwareqat3518_firmwaresd821_firmwarepmi8998qfe2520ar8031_firmwarepm855lpmd9635pm8150b_firmwaresd_636_firmwaresmr545_firmwareqca9880pm670sd210_firmwarepm8005qdm2302sdxr1apq8096auqcs405_firmwarepmi8996_firmwareqln4650_firmwareqet5100mqca9378a_firmwarepm8952qca9531_firmwareqat3516qpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcqcn9070pmi632qca9378pm8350bh_firmwarepmr735b_firmwaresmb1360_firmwareqca9880_firmwarepm670l_firmwaresdr660gqfe2340ipq8069_firmwaresd730_firmwarewcd9370sdr425qcn9000_firmwareipq5018qca9369ar8151_firmwaresd_8cx_firmwareqpm5541qat5516qcn5124_firmwarepm8350bhqca6320_firmwarewcn3680b_firmwareqca6595auipq5010qdm2305sa6155p_firmwareqca6310pm8937qpm2630qca9990sdxr2_5gsmb1398msm8994_firmwaresa6145p_firmwaresdr675ipq8071aipq8071a_firmwarewcd9385qat3550_firmwareqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwarepm8952_firmwaresd820smb1396_firmwarecsr6030_firmwaresmr546pmx24qfe1055qca8072qln5040qpm8895sdr845qtm527qfe3440fc_firmwarepmk8350qca9558_firmwaremsm8996aupm8994_firmwareqfe1035qpm5657_firmwaresd888_5gsm6250pqln1035bdpm855asdr660_firmwarepm8909_firmwareipq4018qca6574aqpm4640mdm9635mqet5100m_firmwareipq8076_firmwareqpm4650sa515mipq8076qfe1922_firmwareqca9887qca9378_firmwaresdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaremdm9626pm660asdx50mpm640apm8916qdm4650ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310qcm6125qpm2630_firmwaresmb231_firmwareqdm2308qat3550wcn6856sd835_firmwareqtc800s_firmwaresa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareqpm4621_firmwareqca9896ipq4029sd850qln4640qfs2580mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqfe4455fc_firmwareqca8337ar9380ipq8173_firmwareqfs2608_firmwareqpa8688qcn5124qat5522_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155pm7150lpm8998_firmwaresd_455_firmwareapq8076wtr5975_firmwareqpa5580_firmwareqcn6024_firmwaresd720gsm4125wtr1605pmm8920au_firmwareqsw8574_firmwaresd460_firmwaremdm9230_firmwarepm8953_firmwareqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareqca6420apq8053_firmwareqpm6670_firmwareipq8070_firmwareipq8065ipq8078a_firmwarepm660_firmwarepm8150bqca0000qfe2101qca6430wcd9340mdm9625_firmwaresmb1358qca9888_firmwarewcd9371smb1350qfe1055_firmwareqcn5154_firmwaresm4350_firmwarewtr3950pm6350qdm5621qtc800sqat3514_firmwaremdm9330_firmwareqca9992_firmwaresd865_5g_firmwaresd660_firmwareqcn5022_firmwareqcn7606_firmwareqat5516_firmwarewcn3991qca9980_firmwarepm8150l_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qcs410qfe3100_firmwareqca9379_firmwareqpa8803pmd9645ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm2301_firmwaremdm9215_firmwaresd835pm660l_firmwarepm6250_firmwareqtm525_firmwareqcn5064_firmwareqca9890qpm5621_firmwareqca6234rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqpm5621sd670ipq8174_firmwarepm8009_firmwareqfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwarepm4250qca1023_firmwareqpm5577sdm630_firmwaresd820_firmwarepm8150wcd9370_firmwaresdx55csra6640qat3555_firmwarepmi8994qpa8803_firmwareqca6234_firmwareqln1031qcn7606qpm5870pm8909qfe1040wsa8830pm660qca9561qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qfe2340_firmwaresd_636pmx24_firmwareqca9378aqca9992pmm855aumdm9250qca6420_firmwaresmb1396pm7150apm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwarewcn3990_firmwareqca4531wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareapq8094qsw6310_firmwaresa8155qca6584qdm4650_firmwareqln1031_firmwarepmm6155au_firmwaresdx55_firmwarewcn3615qfe1952qpm4641qat5515_firmwareipq8174qpm8830_firmwareqca9367qfe2082fc_firmwareapq8092sdm630qdm4643wcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwaresa8195psdr735_firmwarepm8953qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqpm4630qca6390qca9898_firmwarewcd9375msm8976sc8180x\+sdx55_firmwareqpm5677_firmwareapq8092_firmwaresdx20_firmwarewtr3925_firmwarepm8998qln1020_firmwaremdm9235mpm670a_firmwareqcm6125_firmwareqca9882wtr1625l_firmwarepmx55_firmwaresd865_5gpm8150_firmwareqpm8830pmm8996au_firmwareqat5522qca9369_firmwareqpa4360pmk8003_firmwareqca8075_firmwareqpa4361ipq6005_firmwaremdm9206qpm4640_firmwarewcn6855_firmwarepm8350csmr525qca9888ipq8070a_firmwarepmr525pm8150a_firmwarewtr3950_firmwareqca9886qln1036aq_firmwarepm6150_firmwareqca6175asd765wtr3925lpmx20qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcpm670_firmwareqtc801smdm9626_firmwareqca9531qpm5641_firmwareqfe3320qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50pm8018qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepm8004pm640lqca8075qcn6024sd845mdm9615_firmwareipq6000_firmwareqcs410_firmwaremdm9330qca6175a_firmwaresa6150p_firmwareqcs610pmi8996qpm5620_firmwareqfe1045qca9561_firmwareqca4024_firmwarepm855a_firmwareqtc800hqcs2290qca6335qcs605_firmwaresd_675_firmwaresmr546_firmwarewtr3905qdm5671qfe2330qpm4650_firmwaresdr425_firmwaremdm9628qpa5460qdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000pmx50_firmwarewhs9410_firmwaresdr735gqdm3301_firmwareqca7500qcs6125smb1360qcs405qca1990_firmwareqfe3440fcrsw8577_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwarepm8937_firmwareqet4100_firmwaresd750gqpm5657wtr1605_firmwareqpm5875_firmwarewsa8830_firmwarewcn3988qca6438wtr3925qet4100wcn3610mdm9640ipq5018_firmwareqpm6585qca8337_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330ipq8076a_firmwareqet5100mdm9225m_firmwareqca6564auwcn6856_firmwareqcn5164pm8994qet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmb358s_firmwarewtr5975wcd9335_firmwareqcn5052_firmwareqca6335_firmwareqca6320mdm9650_firmwarewcn3660b_firmwareqca9984qcn9024qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwarepm670aqca6421_firmwarewtr3905_firmwareqsw8574wcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwareqca9887_firmwarewtr3925l_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwarepmd9645_firmwareqcn5121_firmwareqdm5677ipq6018pm855_firmwarepmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqpm5875sa8155psd675wtr4605qet4101pm670lqfe2330_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarecsra6620qet5100_firmwareqfe1100_firmwareqpm4621qcn9072qet6100_firmwaresd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareipq6000qca6174_firmwareqcn5152_firmwareqca0000_firmwarepmr525_firmwareqca6584au_firmwareapq8076_firmwareqfe3340_firmwarepmi632_firmwareqcn7605qca9563sd662qpa8821_firmwareqfe1952_firmwaresdr660g_firmwareqca1064pm3003awcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqpm8820qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821msm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qfe1100sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwareqpm6325_firmwareqdm2302_firmwarepmm8155aucsr8811qpa8673ipq4019sd210wcn6850_firmwarewsa8835_firmwareqca6564aqet6110pmi8952_firmwareqcm2290_firmwaremdm9635m_firmwareqpm5670wcn3990qcn9000sd_675mdm9625m_firmwarear9380_firmwaresdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835rgr7640aupm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074qca9994_firmwarepm8956_firmwareqtm525wtr6955qfe3335sd855sm4125_firmwarewtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresmb1351smb1357_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwareqpa4340qfe1035_firmwareqcm4290qca9882_firmwaresdr8150sdx20smb1395_firmwaremdm9215sd_455pmd9655wcd9341_firmwarewsa8810qtc410s_firmwareqat5568_firmwarewtr4905_firmwareqdm5679sd_8cwcn3680bipq6010_firmwarepm3003a_firmwareqca6696sm4350sd845_firmwaresmb1381_firmwareqpa2625qca9990_firmwareipq8071_firmwareqcn9074_firmwarepm8956pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2021-1955
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.22%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresa6150p_firmwareqca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917mdm8215sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaremdm8615m_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020mdm9230_firmwaresm7315_firmwaremdm8215mqca6574au_firmwaremdm9630wcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360sdx20mqca9367_firmwarewcn3999qcs6125sa8155_firmwaresd662_firmwaremdm9615mqca6430qcs405wcd9340sdm830_firmwaresd765gqualcomm215_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gmdm8215_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwaremdm9330_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwarewcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwareqet4101_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215mdm9230sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwarewcd9335_firmwaresd439_firmwarewcn3980qca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6584_firmwaremdm9650_firmwaresd_8c_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwarewcn6740_firmwarear6003_firmwaremsm8953sd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sd210_firmwaresa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439qet4101wcn3660qca9379ar8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaremdm9615m_firmwarewcn3615_firmwaresd662sa8155qca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310sa515m_firmwaresd429sdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresa6145p_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385mdm8615mqca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausm6250_firmwaremsm8953_firmwaresda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017ar6003csr6030_firmwareqca6564amdm9630_firmwareqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9615sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaresm7315apq8009sd460qca6391sdxr1_firmwaremdm9310aqt1000_firmwaremdm9626qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaremdm9215sd_455mdm9626_firmwareqca6574ausd710mdm8215m_firmwaremdm9607sa8155p_firmwaresd205_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500sa6150papq8096au_firmwaresd845mdm9615_firmwaresm7250psdm830sd720g_firmwaremdm9330qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2017-17432
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.23% / 78.38%
||
7 Day CHG~0.00%
Published-06 Dec, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value.

Action-Not Available
Vendor-openafsn/aDebian GNU/Linux
Product-debian_linuxopenafsn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-18844
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.54% / 66.54%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 19:12
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion failure) within pci core. This is fixed in 1.2. 6199e653418e is a mitigation for pre-1.1 versions, whereas 2b3dedfb9ba1 is a mitigation for 1.1.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-acrnn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-24777
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.19%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 16:35
Updated-23 Apr, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service via reachable assertion in grpc-swift

grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This is due to incorrect logic when handling GOAWAY frames. The attack is low-effort: it takes very little resources to construct and send the required sequence of frames. The impact on availability is high as the server will crash, dropping all in flight connections and requests. This issue is fixed in version 1.7.2. There are currently no known workarounds.

Action-Not Available
Vendor-grpcThe Linux Foundation
Product-grpc_swiftgrpc-swift
CWE ID-CWE-617
Reachable Assertion
CVE-2025-9405
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.05% / 13.63%
||
7 Day CHG~0.00%
Published-25 Aug, 2025 | 03:02
Updated-25 Aug, 2025 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open5GS gmm-sm.c gmm_state_exception assertion

A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmm_state_exception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. The patch is identified as 8e5fed16114f2f5e40bee1b161914b592b2b7b8f. Applying a patch is advised to resolve this issue.

Action-Not Available
Vendor-n/a
Product-Open5GS
CWE ID-CWE-617
Reachable Assertion
CVE-2025-5520
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.31% / 53.33%
||
7 Day CHG~0.00%
Published-03 Jun, 2025 | 18:00
Updated-09 Jun, 2025 | 15:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open5GS AMF/MME emm_state_authentication assertion

A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmm_state_authentication/emm_state_authentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 9f5d133657850e6167231527514ee1364d37a884. It is recommended to apply a patch to fix this issue. This is a different issue than CVE-2025-1893.

Action-Not Available
Vendor-open5gsn/a
Product-open5gsOpen5GS
CWE ID-CWE-617
Reachable Assertion
CVE-2025-5501
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.14% / 34.96%
||
7 Day CHG~0.00%
Published-03 Jun, 2025 | 14:00
Updated-13 Jun, 2025 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open5GS NGAP PathSwitchRequest Message ngap-handler.c ngap_handle_path_switch_request_transfer assertion

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_handle_path_switch_request_transfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named 2daa44adab762c47a8cef69cc984946973a845b3. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-open5gsn/a
Product-open5gsOpen5GS
CWE ID-CWE-617
Reachable Assertion
CVE-2020-36222
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-36.77% / 97.02%
||
7 Day CHG-9.77%
Published-25 Jan, 2021 | 09:44
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.

Action-Not Available
Vendor-openldapn/aDebian GNU/LinuxApple Inc.
Product-openldapdebian_linuxmacosmac_os_xn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-36230
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.35% / 84.27%
||
7 Day CHG+1.59%
Published-25 Jan, 2021 | 09:43
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.

Action-Not Available
Vendor-openldapn/aThe Apache Software FoundationApple Inc.Debian GNU/Linux
Product-debian_linuxbookkeepermac_os_xopenldapmacosn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-36382
Matching Score-4
Assigner-OpenVPN Inc.
ShareView Details
Matching Score-4
Assigner-OpenVPN Inc.
CVSS Score-7.5||HIGH
EPSS-1.29% / 78.84%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 10:47
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service.

Action-Not Available
Vendor-openvpnn/a
Product-openvpn_access_serverOpenVPN Access Server
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-617
Reachable Assertion
CVE-2020-27638
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.11% / 77.21%
||
7 Day CHG~0.00%
Published-22 Oct, 2020 | 12:27
Updated-04 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.

Action-Not Available
Vendor-fastd_projectn/aDebian GNU/LinuxFedora Project
Product-fastddebian_linuxfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-25710
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-7.00% / 91.08%
||
7 Day CHG~0.00%
Published-28 May, 2021 | 10:20
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-openldapn/aDebian GNU/LinuxRed Hat, Inc.Fedora Project
Product-debian_linuxjboss_enterprise_web_serverfedoraenterprise_linuxopenldapjboss_enterprise_application_platformjboss_core_servicesopenldap
CWE ID-CWE-617
Reachable Assertion
CVE-2020-25709
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-12.34% / 93.62%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 11:51
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-openldapn/aDebian GNU/LinuxRed Hat, Inc.Apple Inc.
Product-debian_linuxmac_os_xopenldapmacosjboss_core_servicesOpenLDAP
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6468
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.3||MEDIUM
EPSS-1.06% / 76.71%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 14:17
Updated-16 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9 Supported Preview Edition
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6476
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-1.35% / 79.33%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 19:17
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
An error in QNAME minimization code can cause BIND to exit with an assertion failure

A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2019-25041
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.56%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 05:16
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

Action-Not Available
Vendor-nlnetlabsn/aDebian GNU/Linux
Product-unbounddebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-25036
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.93% / 75.13%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 05:17
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

Action-Not Available
Vendor-nlnetlabsn/aDebian GNU/Linux
Product-unbounddebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-25037
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.56%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 05:17
Updated-19 Nov, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

Action-Not Available
Vendor-nlnetlabsn/aDebian GNU/Linux
Product-unbounddebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-32082
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.35%
||
7 Day CHG~0.00%
Published-01 Jul, 2022 | 00:00
Updated-03 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc.

Action-Not Available
Vendor-n/aMariaDB FoundationFedora Project
Product-mariadbfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-15892
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.55% / 89.91%
||
7 Day CHG~0.00%
Published-03 Sep, 2019 | 20:56
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack.

Action-Not Available
Vendor-varnish_cache_projectvarnish-softwaren/aDebian GNU/Linux
Product-varnish_cachedebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-29339
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.10%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 12:44
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-12312
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.54% / 66.69%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 13:06
Updated-04 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expected IKE_AUTH exchange. This affects send_v2N_spi_response_from_state() in programs/pluto/ikev2_send.c that will then trigger a NULL pointer dereference leading to a restart of libreswan.

Action-Not Available
Vendor-libreswann/a
Product-libreswann/a
CWE ID-CWE-617
Reachable Assertion
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-10894
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.52% / 91.42%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 03:50
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/LinuxCanonical Ltd.Fedora ProjectopenSUSE
Product-ubuntu_linuxdebian_linuxfedorawiresharkleapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-10055
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.40%
||
7 Day CHG~0.00%
Published-28 Aug, 2019 | 20:13
Updated-04 Aug, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Suricata 4.1.3. The function ftp_pasv_response lacks a check for the length of part1 and part2, leading to a crash within the ftp/mod.rs file.

Action-Not Available
Vendor-suricata-idsn/a
Product-suricatan/a
CWE ID-CWE-617
Reachable Assertion
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-1010173
Matching Score-4
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
ShareView Details
Matching Score-4
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.00%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 14:00
Updated-05 Aug, 2024 | 03:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function Jsi_ValueArrayIndex (jsiValue.c:366). The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3.

Action-Not Available
Vendor-jsishJsish
Product-jsishJsi
CWE ID-CWE-617
Reachable Assertion
CVE-2019-0003
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-1.72% / 81.64%
||
7 Day CHG~0.00%
Published-15 Jan, 2019 | 21:00
Updated-17 Sep, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: A flowspec BGP update with a specific term-order causes routing protocol daemon (rpd) process to crash with a core.

When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1 versions prior to 15.1R3; 15.1F versions prior to 15.1F3; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-ex3300\/vcsrx345srx5800srx110srx220ex6200ex3400srx5400srx100srx3400srx300srx550junosex4550\/vcsrx210ex3200srx1500qfx3500srx4200ex4200srx340srx4100srx240srx3600qfx5100ex4300ex2300srx1400ex2200\/vcex4600srx320srx5600srx650ex8200\/vc_\(xre\)qfx3600Junos OS
CWE ID-CWE-617
Reachable Assertion
CVE-2018-7712
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.48%
||
7 Day CHG~0.00%
Published-05 Mar, 2018 | 23:00
Updated-05 Aug, 2024 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.

Action-Not Available
Vendor-opencvn/aopencv
Product-opencvn/aopencv
CWE ID-CWE-617
Reachable Assertion
CVE-2018-7713
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.48%
||
7 Day CHG~0.00%
Published-05 Mar, 2018 | 23:00
Updated-05 Aug, 2024 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.width <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.

Action-Not Available
Vendor-opencvn/a
Product-opencvn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2018-7714
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.48%
||
7 Day CHG~0.00%
Published-05 Mar, 2018 | 23:00
Updated-05 Aug, 2024 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.

Action-Not Available
Vendor-opencvn/a
Product-opencvn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2018-5737
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-1.26% / 78.54%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 20:00
Updated-16 Sep, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIND 9.12's serve-stale implementation can cause an assertion failure in rbtdb.c or other undesirable behavior, even if serve-stale is not enabled.

A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1.

Action-Not Available
Vendor-NetApp, Inc.Internet Systems Consortium, Inc.
Product-cloud_backupbinddata_ontap_edgeBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2018-5734
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-8.70% / 92.11%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 20:00
Updated-17 Sep, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A malformed request can trigger an assertion failure in badcache.c

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.

Action-Not Available
Vendor-NetApp, Inc.Internet Systems Consortium, Inc.
Product-solidfire_element_os_management_nodebinddata_ontap_edgeBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2018-5740
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-58.05% / 98.10%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 20:00
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.

Action-Not Available
Vendor-Canonical Ltd.Debian GNU/LinuxopenSUSEHP Inc.Internet Systems Consortium, Inc.NetApp, Inc.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationdata_ontap_edgehp-uxbindenterprise_linux_desktopleapBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2018-5735
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.64% / 69.48%
||
7 Day CHG~0.00%
Published-30 Oct, 2019 | 13:42
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858

The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar backports for the fix for 2017-3137 may also be affected.

Action-Not Available
Vendor-Debian GNU/Linux
Product-debian_linuxBIND9
CWE ID-CWE-617
Reachable Assertion
CVE-2018-17231
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.62%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 22:00
Updated-16 Sep, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack scenario does not cross a privilege boundary

Action-Not Available
Vendor-telegramn/a
Product-telegram_desktopn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2018-15822
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.85% / 82.25%
||
7 Day CHG~0.00%
Published-23 Aug, 2018 | 22:00
Updated-05 Aug, 2024 | 10:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxFFmpeg
Product-ubuntu_linuxffmpegdebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2018-14045
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.05%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 15:00
Updated-17 Sep, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.

Action-Not Available
Vendor-surinan/a
Product-soundtouchn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2018-14044
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 71.08%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 15:00
Updated-16 Sep, 2024 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.

Action-Not Available
Vendor-surinan/a
Product-soundtouchn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2018-12543
Matching Score-4
Assigner-Eclipse Foundation
ShareView Details
Matching Score-4
Assigner-Eclipse Foundation
CVSS Score-7.5||HIGH
EPSS-2.46% / 84.60%
||
7 Day CHG~0.00%
Published-15 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is published to Mosquitto that has a topic starting with $, but that is not $SYS, e.g. $test/test, then an assert is triggered that should otherwise not be reachable and Mosquitto will exit.

Action-Not Available
Vendor-Eclipse Foundation AISBL
Product-mosquittoEclipse Mosquitto
CWE ID-CWE-617
Reachable Assertion
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12504
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.62%
||
7 Day CHG~0.00%
Published-16 Jun, 2018 | 15:00
Updated-16 Sep, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h.

Action-Not Available
Vendor-tinyexr_projectn/a
Product-tinyexrn/a
CWE ID-CWE-617
Reachable Assertion
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found