Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-27498

Summary
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At-12 May, 2022 | 19:18
Updated At-16 Apr, 2025 | 16:22
Rejected At-
Credits

EIPStackGroup OpENer Ethernet/IP Reachable Assertion

A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:icscert
Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At:12 May, 2022 | 19:18
Updated At:16 Apr, 2025 | 16:22
Rejected At:
▼CVE Numbering Authority (CNA)
EIPStackGroup OpENer Ethernet/IP Reachable Assertion

A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.

Affected Products
Vendor
EIPStackGroup
Product
OpENer EtherNet/IP
Versions
Affected
  • From unspecified before Feb 10, 2021 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-617CWE-617: Reachable Assertion
Type: CWE
CWE ID: CWE-617
Description: CWE-617: Reachable Assertion
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

The maintainer of OpENer recommends those affected to apply the latest commits available.

Configurations
Workarounds
Exploits
Credits
Tal Keren and Sharon Brizinov of Claroty reported these vulnerabilities to CISA.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/uscert/ics/advisories/icsa-21-105-02
x_refsource_CONFIRM
https://github.com/EIPStackGroup/OpENer
x_refsource_CONFIRM
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsa-21-105-02
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/EIPStackGroup/OpENer
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/uscert/ics/advisories/icsa-21-105-02
x_refsource_CONFIRM
x_transferred
https://github.com/EIPStackGroup/OpENer
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsa-21-105-02
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/EIPStackGroup/OpENer
Resource:
x_refsource_CONFIRM
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ics-cert@hq.dhs.gov
Published At:12 May, 2022 | 20:15
Updated At:23 May, 2022 | 15:15

A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
opener_project
opener_project
>>opener>>Versions up to 2.3(inclusive)
cpe:2.3:a:opener_project:opener:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-617Primaryics-cert@hq.dhs.gov
CWE ID: CWE-617
Type: Primary
Source: ics-cert@hq.dhs.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/EIPStackGroup/OpENerics-cert@hq.dhs.gov
Third Party Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-21-105-02ics-cert@hq.dhs.gov
Third Party Advisory
US Government Resource
Hyperlink: https://github.com/EIPStackGroup/OpENer
Source: ics-cert@hq.dhs.gov
Resource:
Third Party Advisory
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsa-21-105-02
Source: ics-cert@hq.dhs.gov
Resource:
Third Party Advisory
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

285Records found
CVE-2023-23759
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.45%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 21:21
Updated-21 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impact is limited to denial of service).

Action-Not Available
Vendor-Facebook
Product-fizzfizz
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30273
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.07%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:25
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaresd678mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs610sm6250p_firmwarecsrb31024mdm9628_firmwaremdm9650wcn3950_firmwaremdm9250sa8150p_firmwareqca6595au_firmwaresd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6584au_firmwarewcn3990_firmwareqca9377sa415msdw2500_firmwaresd_8cx_firmwarewcn3950mdm9628sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bqca6584qca6574au_firmwareqca6595auwcd9375_firmwaremsm8909wapq8009w_firmwarewcn3610_firmwaremdm9207qca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwarewcd9306mdm8207sd429qca9367qca4004_firmwaremdm9607_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd205sd429_firmwaresm6250wcd9306_firmwarewcd9340sa8195pwcd9335sa6155pqca6174a_firmwaremdm9250_firmwareqca6696_firmwarewcd9375sd_8cxsa8150psm6250_firmwaremdm9207_firmwareqca4004sda429wsd210wcn3620_firmwaresdx20_firmwarewcn3988wcn3620sa8195p_firmwareqca6564aar6003wcn3610mdm9640wcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675sdm429wmsm8996au_firmwarewcd9330qca6564ausdx24qet4101_firmwaremsm8909w_firmwareqca6574msm8996ausdm429w_firmwaresd665_firmwarewcd9380sm6250pqcs410qca6574amdm9206qca6174asdx24_firmwarewcd9335_firmwarewcn3980mdm9615qsw8573mdm9205qca6574_firmwarewcd9340_firmwaresd665qca6584_firmwaremdm9650_firmwaremdm9215_firmwarewcn3660b_firmwareqca6574a_firmwarewcn3980_firmwaresd730wcd9330_firmwarear6003_firmwaresd678_firmwarecsrb31024_firmwaresdx20mdm9215qca6574ausa8155p_firmwaremdm9607sd205_firmwareqca6564a_firmwareapq8009wsd210_firmwareqcs610_firmwaresa6145papq8096ausa8145pmdm8207_firmwareqca6696mdm9205_firmwarewcd9370_firmwaresa6150psdw2500apq8096au_firmwaresa8155psd675mdm9615_firmwareqet4101sd720g_firmwareqcs410_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30340
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.46%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:10
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwaresd780gqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwarewcd9375_firmwareqca6595auqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqca6391sdx55mwcd9360qca6436_firmwarewcn6740_firmwaresd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarewcn6740qca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresdx55wsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2020-36562
Matching Score-4
Assigner-Go Project
ShareView Details
Matching Score-4
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.77%
||
7 Day CHG~0.00%
Published-27 Dec, 2022 | 21:13
Updated-11 Apr, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncontrolled Resource Consumption in github.com/shiyanhui/dht

Due to unchecked type assertions, maliciously crafted messages can cause panics, which may be used as a denial of service vector.

Action-Not Available
Vendor-dht_projectgithub.com/shiyanhui/dht
Product-dhtgithub.com/shiyanhui/dht
CWE ID-CWE-617
Reachable Assertion
CVE-2023-21653
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.84%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:23
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Transient DOS in Modem while processing RRC reconfiguration message.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwareqca8337_firmwarewcd9380_firmwaresdx65_firmwareqca8337sdx70m_firmwareqcn6024_firmwarear8035wcn6856_firmwarear8035_firmwaresdx65qcn6024sdx70mqcn9024_firmwarewcd9380qcn9024wcn6855qca8081_firmwareqca8081wcn6856Snapdragonwcn6855_firmwareqca8337_firmwarewcd9380_firmwaresdx65_firmwareqcn9024_firmwaresdx70m_firmwareqca8081_firmwareqcn6024_firmwarewcn6856_firmwarear8035_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2023-21646
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.84%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:23
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Transient DOS in Modem while processing invalid System Information Block 1.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewcn3991wsa8830qca8337_firmwarewcd9380_firmwaresd780gqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325psm8450wcn6750sm4375wcn3998wcd9385_firmwareqcn6024_firmwaresa515mwsa8815sm7325p_firmwarewcn6850sd765wcn7850qca6574a_firmwaresd695sd768g_firmwaresdx55_firmwareqcn9024qca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareqca6391sdx55mwcd9360wcn6740_firmwaresd778gsdx65_firmwaresa515m_firmwareqcs6490wcn7851qcm6490_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwaresd778g_firmwareqcn9024_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresm4375_firmwaresm8450_firmwaresd765_firmwaresd480sd870wcn6851wsa8810wcn6855qca8081wcn7851_firmwarewcn6856wcd9385wcd9341sd695_firmwaresd768gqca6696_firmwareqcs6490_firmwaresd870_firmwarewcn6740qca6696sdx70m_firmwareqca6391_firmwareqca6390ar8035wcd9375sd780g_firmwarewcd9370_firmwaresdx55wsa8830_firmwareqcn6024sdx70msd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315wcn6750_firmwarear8035_firmwareSnapdragonwcn6740_firmwarewcn3991_firmwareqca8337_firmwarewcd9380_firmwaresdx65_firmwaresa515m_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwaresdx55m_firmwarewcn6856_firmwaresnapdragon_4_gen_1_firmwarewcd9360_firmwarewcn3988_firmwareqcx315_firmwaresd778g_firmwareqcn9024_firmwarewsa8810_firmwaresd765g_firmwarewcd9341_firmwareqca6595au_firmwaresd765_firmwareqca6390_firmwarewcn7851_firmwaresd690_5g_firmwarewcn6855_firmwaresd695_firmwareqca6696_firmwareqcs6490_firmwaresd870_firmwaresdx70m_firmwareqca6391_firmwarewcd9385_firmwareqcn6024_firmwaresd780g_firmwarewcd9370_firmwaresd_8_gen1_5g_firmwarewcn6750_firmwaresm7325p_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwareqca6574a_firmwarewcn7850_firmwaresd768g_firmwaresdx55_firmwarewsa8835_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresm7250p_firmwarear8035_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2020-36230
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.75% / 72.22%
||
7 Day CHG~0.00%
Published-25 Jan, 2021 | 09:43
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.

Action-Not Available
Vendor-openldapn/aThe Apache Software FoundationApple Inc.Debian GNU/Linux
Product-debian_linuxbookkeepermac_os_xopenldapmacosn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2018-17231
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.62%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 22:00
Updated-16 Sep, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack scenario does not cross a privilege boundary

Action-Not Available
Vendor-telegramn/a
Product-telegram_desktopn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2018-17205
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.77% / 72.56%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 16:00
Updated-05 Aug, 2024 | 10:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a group id that does not exist), OvS tries to revert back all previous flows that were successfully applied from the same bundle. This is possible since OvS maintains list of old flows that were replaced by flows from the bundle. While reinserting old flows, OvS has an assertion failure due to a check on rule state != RULE_INITIALIZED. This would work for new flows, but for an old flow the rule state is RULE_REMOVED. The assertion failure causes an OvS crash.

Action-Not Available
Vendor-openvswitchn/aCanonical Ltd.Red Hat, Inc.
Product-openvswitchopenstackubuntu_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-36420
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.71% / 71.34%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 23:23
Updated-04 Aug, 2024 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Polipo through 1.1.1, when NDEBUG is omitted, allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-polipo_projectn/a
Product-polipon/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-53856
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.06% / 18.42%
||
7 Day CHG+0.01%
Published-05 Dec, 2024 | 15:24
Updated-09 Dec, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
rPGP Panics on Malformed Untrusted Input

rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1.

Action-Not Available
Vendor-rpgp
Product-rpgp
CWE ID-CWE-130
Improper Handling of Length Parameter Inconsistency
CWE ID-CWE-148
Improper Neutralization of Input Leaders
CWE ID-CWE-617
Reachable Assertion
CVE-2025-36512
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.59%
||
7 Day CHG~0.00%
Published-22 Jul, 2025 | 15:26
Updated-22 Aug, 2025 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction heartbeat. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to a database instance over TCP and send the crafted message to trigger this vulnerability.

Action-Not Available
Vendor-bloombergBloomberg
Product-comdb2Comdb2
CWE ID-CWE-617
Reachable Assertion
CVE-2020-8617
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-92.32% / 99.71%
||
7 Day CHG~0.00%
Published-19 May, 2020 | 14:05
Updated-16 Sep, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.

Action-Not Available
Vendor-Debian GNU/LinuxCanonical Ltd.openSUSEFedora ProjectInternet Systems Consortium, Inc.
Product-ubuntu_linuxdebian_linuxfedorabindleapBIND9
CWE ID-CWE-617
Reachable Assertion
CVE-2022-47516
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.64%
||
7 Day CHG~0.00%
Published-18 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that leads to a failure of the libsofia-sip-ua/tport/tport.c self assertion.

Action-Not Available
Vendor-drachtion/a
Product-drachtio-servern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-23385
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.00%
||
7 Day CHG+0.01%
Published-04 Nov, 2024 | 10:04
Updated-07 Nov, 2024 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055snapdragon_8_gen_1_mobile_platformwsa8830qca8337fsm10056qfw7124sg8275p_firmwarewcd9360_firmwareqcn6224_firmwarefsm10055_firmwarewsa8840snapdragon_212_mobile_platformwcn3950_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_x70_modem-rf_systemsnapdragon_480_5g_mobile_platformwcd9370snapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqca6584au_firmwaresnapdragon_8_gen_2_mobile_platformmsm8108wcd9385_firmwaremsm8108_firmwarewcn3950wcd9326_firmwareqcn6024_firmwarewcn3615_firmwarefastconnect_6200wcn3660bapq8037snapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcn3680b_firmwaresnapdragon_208_processor_firmwaresdx71m_firmwaresnapdragon_212_mobile_platform_firmwarewsa8845h_firmwarewcn3615wcd9375_firmwaresnapdragon_8_gen_3_mobile_platformsdx55_firmwaresnapdragon_425_mobile_platformwcn3610_firmwarewcd9360snapdragon_429_mobile_platformqfw7114qca8081_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsnapdragon_208_processorsnapdragon_x70_modem-rf_system_firmwarewsa8840_firmwaresnapdragon_439_mobile_platformqca6698aqqcs8550_firmwaresm8635wcn3988_firmwaresnapdragon_8\+_gen_1_mobile_platformwcd9340fastconnect_6700_firmwareapq8017_firmwarewsa8810_firmwareqcn6224wsa8845hwcn6755wcd9395_firmwarewcd9326snapdragon_x75_5g_modem-rf_systemsnapdragon_x62_5g_modem-rf_systemfsm10056_firmwareqca8081sdx71msnapdragon_x35_5g_modem-rf_systemsnapdragon_auto_5g_modem-rf_gen_2qcm4490qca6698aq_firmwaremsm8209_firmwareqca6174a_firmwarewcd9385snapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwarear8035wcd9375snapdragon_210_processor_firmwaresnapdragon_430_mobile_platformwcd9390qcc710_firmwarewsa8830_firmwarewcn3620_firmwarewsa8815_firmwarewcn3988wsa8835_firmwarewcn3620apq8017snapdragon_8_gen_2_mobile_platform_firmwarewcn3610msm8608wcd9380_firmwareqca8337_firmwaresdm429wqcm8550ar8035_firmwarewsa8835sdm429w_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewcd9380qcn6274snapdragon_wear_4100\+_platform_firmwaresnapdragon_x72_5g_modem-rf_system_firmwarefastconnect_6700snapdragon_210_processorsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresnapdragon_wear_4100\+_platformsm8635_firmwareqca6574asnapdragon_430_mobile_platform_firmwareqca6174asg8275pwcn3980sm6370_firmwareqfw7114_firmwarewsa8845wcd9340_firmwarewsa8815sdx57m_firmwarewsa8845_firmware205_mobile_platform_firmwaresnapdragon_4_gen_1_mobile_platformsnapdragon_439_mobile_platform_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareqcn9024msm8209wcn3980_firmwarefastconnect_7800snapdragon_x35_5g_modem-rf_system_firmwaresmart_audio_200_platformqcm4490_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_x65_5g_modem-rf_systemqca6574au_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900fastconnect_6900_firmwareqca6574ausmart_audio_200_platform_firmwareqcn9024_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformwsa8810fastconnect_7800_firmwarewsa8832snapdragon_8_gen_1_mobile_platform_firmwaresm8550psm6370wcn3680bsdx61qcc710qcs4490wcd9395205_mobile_platformqca6696qcs8550wcd9370_firmwaresm8550p_firmwaremsm8608_firmwaresdx55wcd9390_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqcn6024apq8037_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_8\+_gen_1_mobile_platform_firmwareqca6595auqfw7124_firmwareqep8111sdx61_firmwaresnapdragon_480\+_5g_mobile_platformSnapdragonqca8337_firmwarewcd9380_firmwaresg8275p_firmwarewcd9360_firmwarear8035_firmwarefsm10055_firmwareqcn6224_firmwarefastconnect_6200_firmwaresdm429w_firmwarewcn3950_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresm8635_firmwaresnapdragon_430_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwaresm6370_firmwareqfw7114_firmwaremsm8108_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwarewcn3615_firmwarewcd9340_firmwaresdx57m_firmwarewsa8845_firmwaresnapdragon_439_mobile_platform_firmwarewcn3660b_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresdx71m_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwareqca8081_firmwarewcd9375_firmwarewcn3680b_firmwarewsa8845h_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3610_firmwarewcn3980_firmwareqca6574a_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcm4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_x70_modem-rf_system_firmwarewsa8840_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqcs8550_firmwarewcn3988_firmwaresmart_audio_200_platform_firmwarefastconnect_6700_firmwareqcn9024_firmwareapq8017_firmwarewsa8810_firmwarefastconnect_7800_firmwarefsm10056_firmwarewcd9395_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwaremsm8209_firmwareqca6174a_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwaremsm8608_firmwaresm8550p_firmwaresnapdragon_210_processor_firmwarewcd9370_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwarewcn3620_firmwareapq8037_firmwarewsa8815_firmwarewsa8835_firmwaresdx61_firmwareqfw7124_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2023-2156
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.43% / 62.05%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 00:00
Updated-02 Aug, 2024 | 06:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinux_kernelfedoraenterprise_linuxLinux kernel (RPL protocol)
CWE ID-CWE-617
Reachable Assertion
CVE-2018-14044
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 71.07%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 15:00
Updated-16 Sep, 2024 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.

Action-Not Available
Vendor-surinan/a
Product-soundtouchn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-24428
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.37%
||
7 Day CHG+0.01%
Published-21 Jan, 2025 | 00:00
Updated-24 Jan, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.

Action-Not Available
Vendor-open5gsn/a
Product-open5gsn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-49630
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.42% / 60.84%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 16:57
Updated-29 Jul, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_proxy_http2 denial of service

In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2. Configurations affected are a reverse proxy is configured for an HTTP/2 backend, with ProxyPreserveHost set to "on".

Action-Not Available
Vendor-The Apache Software Foundation
Product-http_serverApache HTTP Server
CWE ID-CWE-617
Reachable Assertion
CVE-2020-36222
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-36.77% / 97.02%
||
7 Day CHG-9.77%
Published-25 Jan, 2021 | 09:44
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.

Action-Not Available
Vendor-openldapn/aDebian GNU/LinuxApple Inc.
Product-openldapdebian_linuxmacosmac_os_xn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-36382
Matching Score-4
Assigner-OpenVPN Inc.
ShareView Details
Matching Score-4
Assigner-OpenVPN Inc.
CVSS Score-7.5||HIGH
EPSS-1.29% / 78.84%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 10:47
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service.

Action-Not Available
Vendor-openvpnn/a
Product-openvpn_access_serverOpenVPN Access Server
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-617
Reachable Assertion
CVE-2018-14045
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.05%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 15:00
Updated-17 Sep, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.

Action-Not Available
Vendor-surinan/a
Product-soundtouchn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-29339
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.82%
||
7 Day CHG+0.02%
Published-22 Apr, 2025 | 00:00
Updated-19 Jun, 2025 | 00:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF (or via direct attack), triggering a fatal assertion check and causing a daemon crash.

Action-Not Available
Vendor-open5gsn/a
Product-open5gsn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-41893
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.14% / 34.75%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize` in Tensorflow

TensorFlow is an open source platform for machine learning. If `tf.raw_ops.TensorListResize` is given a nonscalar value for input `size`, it results `CHECK` fail which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 888e34b49009a4e734c27ab0c43b0b5102682c56. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-41899
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.14% / 33.94%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail via inputs in `SdcaOptimizer` in Tensorflow

TensorFlow is an open source platform for machine learning. Inputs `dense_features` or `example_state_data` not of rank 2 will trigger a `CHECK` fail in `SdcaOptimizer`. We have patched the issue in GitHub commit 80ff197d03db2a70c6a111f97dcdacad1b0babfa. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-617
Reachable Assertion
CVE-2022-41901
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.19% / 40.61%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK_EQ` fail via input in `SparseMatrixNNZ` in Tensorflow

TensorFlow is an open source platform for machine learning. An input `sparse_matrix` that is not a matrix with a shape with rank 0 will trigger a `CHECK` fail in `tf.raw_ops.SparseMatrixNNZ`. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-617
Reachable Assertion
CVE-2022-40508
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.15%
||
7 Day CHG~0.00%
Published-02 May, 2023 | 05:08
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in Modem

Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830315_5g_iot_modem_firmwareqca8337wcn785x-5qca6431_firmwarewcd9360_firmwaresm7250-ac_firmwareqca6595au_firmwareqca6390_firmwaresnapdragon_x70_modem-rf_systemwcd9370qca6426wcn685x-1sm7350-ab_firmwaresm8450sm4375wcn3998sm8250-abwcd9385_firmwareqcn6024_firmwaresm6375_firmwaresm7315_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574au_firmwaresdx55_firmwareqca6595auwcn3998_firmwareqca8081_firmwarewcd9375_firmwaresm7250p_firmwarewcd9360qca6436_firmwaresm4350-acsnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_x70_modem-rf_system_firmwareqca6698aqsm8250_firmwaresm7250-ab_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemqca6421sm7250-aawsa8810_firmwaresm4375_firmwaresm8450_firmwareqca6436qca8081qca6698aq_firmwarewcn685x-1_firmwarewcd9385sm8150_firmwaresxr2130_firmwarewcd9341qca6431qca6696_firmwareqca6390ar8035sm4350_firmwareaqt1000wcd9375sm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresm7225_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm8150wcn3988wsa8815_firmwarewsa8835_firmwaresm7350-absm8475wcn6750_firmwarewcn785x-1sm6375qca8337_firmwarewcd9380_firmwaresd865_5gsm8150-acsd888wsa8835snapdragon_7c\+_gen_3_computesnapdragon_auto_5g_modem-rfwcd9380sxr2130qca6574awcn685x-5_firmwarewcn6750sm7225sm7250-absd855wsa8815sdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca6574a_firmwareqcn9024wcn785x-5_firmwaresm7315sm8250-ab_firmwareqca6391snapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwaresm6350aqt1000_firmwaresm8475_firmwarewcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwcn685x-5sm6350_firmwarewcn785x-1_firmwareqca6574auqcn9024_firmwaresdx57mwcd9341_firmwarewsa8810sm7250-aa_firmwaresm7250-acsm8150-ac_firmwarewcn6740qca6696qca6391_firmwaresm4350wcd9370_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresnapdragon_x50_5g_modem-rf_systemsm8250qcn6024sm7250par8035_firmwareSnapdragonaqt1000_firmwarewcn6740_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca8337_firmwaresnapdragon_x65_5g_modem-rf_system_firmwarewcd9380_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_x70_modem-rf_system_firmware315_5g_iot_modem_firmwarewsa8835_firmwareqca6431_firmwarefastconnect_6900_firmwaresnapdragon_x50_5g_modem-rf_system_firmwarewcd9360_firmwarewcn3988_firmwarefastconnect_6700_firmwareqcn9024_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwaresnapdragon_480_5g_mobile_platform_firmwaresxr2130_firmwareqca6696_firmwareqca6391_firmwarewcd9385_firmwareqcn6024_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresd888_firmwarewsa8830_firmwaresdx57m_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewsa8815_firmwaresm7315_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwareqca8081_firmwarefastconnect_6800_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm7250p_firmwarewcd9375_firmwareqca6436_firmwarear8035_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6421_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2022-40504
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.15%
||
7 Day CHG~0.00%
Published-02 May, 2023 | 07:30
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in Modem

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sm7325-ae_firmwaresa6150p_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwaresm4450_firmwareqcs2290qca6595au_firmwaresa6155snapdragon_x70_modem-rf_systemqca6335sdm712sdm670sm8350sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwareapq5053-aa_firmwarewcn685x-1qcs400_firmwaresm7350-ab_firmwaresm4375wcn3998sc8180xp-adwcd9371_firmwarewcn3950qcn6024_firmwaresm6375_firmwarewcn3660bsm7150-acsd460_firmwaresm7315_firmwaresm7325-aeqca6574au_firmwaresm4250-aasnapdragon_636_mobile_platformwcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresm6225-adqca6420wcd9360snapdragon_auto_5g_modem-rf_firmware8909sdm450sm6225-ad_firmwareqca6698aqqcs6125sa8155_firmwaresd662_firmwaresm7250-ab_firmwareqca6430snapdragon_630_mobile_platform8905_firmwarewcd9340snapdragon_8cx_compute_platformsd626_firmwaresw5100qca64368953_firmwaresa6155pqcs603_firmwareqca6698aq_firmwarewcn685x-1_firmwarewcn3660_firmwaresm8150_firmwarewcd9341qca6431qca6696_firmwarewcd9371wcn3910_firmwaresm4350_firmwaresa8150psm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresm7225_firmwaresdm8508940snapdragon_7c\+_gen_3_compute_firmwaresd660_firmwarewcn3988sm4250-aa_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresm6125_firmwarewcn3610sm6375sm6115_firmwareqca8337_firmwarewcd9380_firmwaresw5100psnapdragon_8cx_gen_2_5g_compute_platformsnapdragon_w5\+_gen_1_wearable_platformqca6564ausdm429sd670_firmwareapq8053-acsnapdragon_7c\+_gen_3_computewcd93808920_firmwareqcs410apq8053-ac_firmwaresm7150-aa_firmwaresc8180xp-ad_firmwaresd626qca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm7225qcm4325_firmwareqcs605wcd9340_firmwarewsa8815sm6150-ac_firmwarewcn3910sdm429_firmwaresnapdragon_630_mobile_platform_firmwareqca6426_firmwaresm4450wcn3660b_firmwarewcn3680sc8180x-adqcn9024wcn3980_firmwaresd730snapdragon_x50_5g_modem-rf_system_firmwaresc7180-ac_firmwaresm7150-aaqca6421_firmwaresm6350sm8475_firmwarewcn6740_firmwaresm7125snapdragon_8cx_compute_platform_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwcn3680_firmwaresm7150-ab_firmwaresm8350_firmwareqcs603sdm660sm6350_firmwarewcn785x-1_firmwaresdm710sd670qcn9024_firmwaresdx57mqcm4290_firmwaresnapdragon_x24_lte_modemwsa8832sw5100p_firmwareqcs610_firmwaresa6145pqcs4490sdm439_firmwaresa8145pqca6391_firmwarewcd9370_firmwareqm215_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresm8250csra6640sa8155psd675snapdragon_x20_lte_modemwcn3660ar8035_firmwareqcm2290snapdragon_632_mobile_platformsdm845_firmwarewsa8830sa8145p_firmwaresm6125sdm712_firmwaresnapdragon_x24_lte_modem_firmwareqcs2290_firmwaresdm450_firmwarewcn785x-5csrb31024csra6620fsm10055_firmwaresm7250-ac_firmwareqcs4290snapdragon_x20_lte_modem_firmwareqca6420_firmwaresc7180-acqca6390_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwarewcd93708920sd675_firmwaresm6115qca6426wcn3990_firmwaresm8450qca9377sm8250-abwcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresd662sm7325-afsa8155snapdragon_x55_5g_modem-rf_systemwcn3680b_firmwaresdx55_firmwaresda\/sdm845_firmware8917_firmwarewcn3615qca6595ausm7325-af_firmwaresm7250p_firmware8953wcn3610_firmwareqca6436_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresa6155p_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwareapq8053-aa_firmwaresm6225snapdragon_x70_modem-rf_system_firmwareqcs6490sm8250_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemsa6145p_firmwareqm215qca6421sm7250-aasm6250sa8195psxr1120sdm710_firmwareapq8017_firmwarewsa8810_firmwaresm4375_firmwaresm8450_firmwaresc7180-adwcd9326wcd9335sg4150pqca8081qcm44908917apq8053-aaqca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresm7150-abqca6390wcd9375ar8035aqt1000sda\/sdm8458909_firmwaresc8180x\+sdx55_firmwaresm6250_firmwaresm6150_firmwaresm8150wsa8815_firmwareqcm6490wsa8835_firmwaresnapdragon_636_mobile_platform_firmwaresm7350-abapq8017sxr1120_firmwaresg4150p_firmwarewcn785x-1qcm6125_firmwareqcm4325qcm2290_firmwareapq5053-aawcn3990sd_675sdm845sd865_5g8953prosm8350-ac_firmwaresdm439sm8150-acsd888sm6150wsa8835sc7180-ad_firmwaresnapdragon_auto_5g_modem-rfsm6250psxr2130qca6574awcn685x-5_firmwareqca6174asm7325psdm670_firmwareqca6310_firmwaresm7325wcn6750sm7150-ac_firmwaresm7250-absd855sm7325p_firmwaresdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmware8940_firmware8953pro_firmwarewcn785x-5_firmwaresm7315snapdragon_x55_5g_modem-rf_system_firmwaresd460qca6391sm8250-ab_firmwareaqt1000_firmwaresdm850_firmwareqcm4490_firmwaresnapdragon_auto_4g_modemsnapdragon_632_mobile_platform_firmwareqcm4290csrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformwcn685x-5sd_455sm6225_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810sm7250-aa_firmware8905sm7250-acsm8150-ac_firmwarewcn3680bsm8350-acwcn6740qca6696sm4350sm6150-acsm7125_firmwaresnapdragon_x50_5g_modem-rf_systemsa6150pqcn6024sc8180x-ad_firmwaresm7250psw5100_firmwareqcs410_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwareqcs400sdm660_firmwaresnapdragon_xr1_platform_firmwaresm7325_firmwareSnapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2022-40538
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.54%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in Modem

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn685x-5_firmwareqca8337_firmwaresnapdragon_x65_5g_modem-rf_system_firmwarewcd9380_firmwarewcn685x-1_firmwarewcn685x-1snapdragon_x70_modem-rf_system_firmwaresnapdragon_x65_5g_modem-rf_systemqca8337qcs8550wcn785x-5wcn685x-5qcn6024_firmwareqcs8550_firmwarear8035wcn785x-1_firmwareqcn6024qcn9024_firmwarewcd9380qcn9024qca8081_firmwaresnapdragon_x70_modem-rf_systemwcn785x-5_firmwareqca8081ar8035_firmwarewcn785x-1Snapdragonqca8337_firmwaresnapdragon_x65_5g_modem-rf_system_firmwarewcd9380_firmwareqcn9024_firmwaresnapdragon_x70_modem-rf_system_firmwarefastconnect_7800_firmwareqca8081_firmwareqcn6024_firmwarefastconnect_6900_firmwareqcs8550_firmwarear8035_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2022-40527
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.15%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in WLAN Embedded SW

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqca8337ipq8173_firmwaresdx65qcn5124qca4024_firmwareqca8082qcn9072qca8386ipq8078aipq5028_firmwareqca6390_firmwareipq6000wcd9370ssg2115pqcn5152_firmwareqca6426qcn9000_firmwareipq5018wcd9385_firmwareipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareipq8074aqcn5124_firmwareqcn6100_firmwareqcn6102_firmwareqca8082_firmwaresm7315_firmwarewcn7850qcn5164_firmwareqcn5122_firmwarewcd9375_firmwareqca8081_firmwareqcn6023_firmwareqca6436_firmwareqcn9002ipq5010sd778gipq8070_firmwareipq8078a_firmwareqcn9274ipq8174qcn9001qcs6490ipq5028wcn7851qcn5052ipq6010qcn6112_firmwareqcn9074qca8085sd778g_firmwaresdx65mqcn6132wsa8810_firmwareqca6436wcn6851qca8081wcn7851_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcd9385qca8085_firmwareqca9888_firmwareqcn6122qcs6490_firmwaresd870_firmwareipq9008_firmwareqcn5154_firmwarear8035csr8811qca6390wcd9375qcn9100_firmwarewsa8830_firmwaresd865_5g_firmwareipq5010_firmwareipq8074a_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresm8475qcn5022_firmwarewcn6750_firmwareqca8072ipq5018_firmwareqca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aipq8076a_firmwaresd865_5gipq8078qca8084qcn9001_firmwareipq8173wcn6856_firmwareipq9008qcn9012qcn5164qcn6122_firmwarewsa8835sxr1230p_firmwarecsr8811_firmwarewcd9380sd888_5gqcn5054_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqcn5024wcn6855_firmwareqca9889sm7325pqcn6132_firmwareqcn9003_firmwaresxr1230pqca9888qca8072_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcn9003ipq8070a_firmwarewcn6750ipq6018_firmwareipq8076_firmwarewsa8815sm7325p_firmwarewcn6850pmp8074_firmwareqcn6112ipq8076sxr2230pqca6426_firmwareqcn5021ipq6028qcn5152qcn9024pmp8074ipq9574_firmwaresm7315qca6391wcn6740_firmwareqcn6102qcn9100sdx65_firmwareqcm6490_firmwareipq8078_firmwarewsa8832_firmwareqcn5054qcn9070_firmwarewcn6851_firmwareipq8070ipq6028_firmwareipq8072a_firmwareqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarewsa8810sd870wsa8832wcn6855wcn6856ipq6018qcn5022ipq6010_firmwarewcn6740qca6391_firmwareqca4024wcd9370_firmwareqca8075qcn5021_firmwareqcn9022_firmwareqcn6024qcn9022ipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwarear8035_firmwareSnapdragonqcn5024_firmwareipq5018_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareipq8076a_firmwareipq8173_firmwareqcn9001_firmwarewcn6856_firmwareqca4024_firmwareqcn6122_firmwaresxr1230p_firmwarecsr8811_firmwareipq5028_firmwareqca6390_firmwareqcn5054_firmwareqca8075_firmwaressg2125p_firmwarewcn6855_firmwareqcn5152_firmwareqcn6132_firmwareqcn9003_firmwareqca8072_firmwareqcn9000_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareipq8070a_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareipq8076_firmwareipq6018_firmwaresd_8_gen1_5g_firmwareqca8084_firmwaresm7325p_firmwarepmp8074_firmwareqcn5124_firmwareqcn6100_firmwareqcn6102_firmwareqca6426_firmwaresm7315_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwarewcd9375_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareqca6436_firmwarewcn6740_firmwareipq8070_firmwaresdx65_firmwareipq8078a_firmwareqcm6490_firmwareipq8078_firmwarewsa8832_firmwareqcn9070_firmwarewcn6851_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqca9889_firmwaresd778g_firmwareqcn9024_firmwareipq8174_firmwarewsa8810_firmwarewcn7851_firmwaresdx65m_firmwareipq8071a_firmwareqca8085_firmwareqca9888_firmwareipq6010_firmwareqcs6490_firmwaresd870_firmwareipq9008_firmwareqca6391_firmwareqcn5154_firmwarewcd9370_firmwareqcn9100_firmwareqcn9022_firmwareqcn5021_firmwarewsa8830_firmwaresd865_5g_firmwareqcn9002_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwareqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqcn5022_firmwarewcn6750_firmwarear8035_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2024-20094
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-0.55% / 66.90%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 02:35
Updated-25 Apr, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6890mt6891mt8771mt6875mt8675mt6873mt6885mt8791tmt6883nr15mt6853mt6889mt6877mt6875tmt6893mt8791mt8797mt2735mt6833mt6855mt6880MT2735, MT6833, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797mt6855mt6873mt6893mt8675mt2735mt6890mt6833mt6885mt8791tmt6877mt6891mt6883mt6853mt6875tmt6880mt6875mt8797mt6889mt8791mt8771
CWE ID-CWE-617
Reachable Assertion
CVE-2022-3924
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.43% / 62.00%
||
7 Day CHG~0.00%
Published-25 Jan, 2023 | 21:39
Updated-31 Mar, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota

This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35999
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.20% / 42.50%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:15
Updated-23 Apr, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `Conv2DBackpropInput` in TensorFlow

TensorFlow is an open source platform for machine learning. When `Conv2DBackpropInput` receives empty `out_backprop` inputs (e.g. `[3, 1, 0, 1]`), the current CPU/GPU kernels `CHECK` fail (one with dnnl, the other with cudnn). This can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 27a65a43cf763897fecfa5cdb5cc653fc5dd0346. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35963
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.19% / 41.55%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 20:10
Updated-23 Apr, 2025 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` failures in `FractionalAvgPoolGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. The implementation of `FractionalAvgPoolGrad` does not fully validate the input `orig_input_tensor_shape`. This results in an overflow that results in a `CHECK` failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 03a659d7be9a1154fdf5eeac221e5950fec07dad. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35984
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.21% / 44.04%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 21:40
Updated-23 Apr, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `ParameterizedTruncatedNormal` in TensorFlow

TensorFlow is an open source platform for machine learning. `ParameterizedTruncatedNormal` assumes `shape` is of type `int32`. A valid `shape` of type `int64` results in a mismatched type `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 72180be03447a10810edca700cbc9af690dfeb51. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35960
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.28% / 50.79%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 20:00
Updated-23 Apr, 2025 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` failure in `TensorListReserve` in TensorFlow

TensorFlow is an open source platform for machine learning. In `core/kernels/list_kernels.cc's TensorListReserve`, `num_elements` is assumed to be a tensor of size 1. When a `num_elements` of more than 1 element is provided, then `tf.raw_ops.TensorListReserve` fails the `CHECK_EQ` in `CheckIsAlignedAndSingleElement`. We have patched the issue in GitHub commit b5f6fbfba76576202b72119897561e3bd4f179c7. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-36440
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.35%
||
7 Day CHG~0.00%
Published-03 Apr, 2023 | 00:00
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS.

Action-Not Available
Vendor-frroutingn/aDebian GNU/LinuxFedora Project
Product-debian_linuxfedorafrroutingn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-36026
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.21% / 44.04%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:05
Updated-23 Apr, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `QuantizeAndDequantizeV3` in TensorFlow

TensorFlow is an open source platform for machine learning. If `QuantizeAndDequantizeV3` is given a nonscalar `num_bits` input tensor, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit f3f9cb38ecfe5a8a703f2c4a8fead434ef291713. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35997
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.14% / 34.80%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:15
Updated-23 Apr, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `tf.sparse.cross` in TensorFlow

TensorFlow is an open source platform for machine learning. If `tf.sparse.cross` receives an input `separator` that is not a scalar, it gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 83dcb4dbfa094e33db084e97c4d0531a559e0ebf. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-36004
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.26% / 49.10%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:10
Updated-23 Apr, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `tf.random.gamma` in TensorFlow

TensorFlow is an open source platform for machine learning. When `tf.random.gamma` receives large input shape and rates, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-36016
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.27% / 50.43%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:10
Updated-23 Apr, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs` in TensorFlow

TensorFlow is an open source platform for machine learning. When `tensorflow::full_type::SubstituteFromAttrs` receives a `FullTypeDef& t` that is not exactly three args, it triggers a `CHECK`-fail instead of returning a status. We have patched the issue in GitHub commit 6104f0d4091c260ce9352f9155f7e9b725eab012. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35988
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.27% / 49.93%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 21:35
Updated-23 Apr, 2025 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `tf.linalg.matrix_rank` in TensorFlow

TensorFlow is an open source platform for machine learning. When `tf.linalg.matrix_rank` receives an empty input `a`, the GPU kernel gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c55b476aa0e0bd4ee99d0f3ad18d9d706cd1260a. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2025-46354
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.59%
||
7 Day CHG~0.00%
Published-22 Jul, 2025 | 15:26
Updated-22 Aug, 2025 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-bloombergBloomberg
Product-comdb2Comdb2
CWE ID-CWE-617
Reachable Assertion
CVE-2022-36005
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.23% / 45.57%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:10
Updated-23 Apr, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `FakeQuantWithMinMaxVarsGradient` in TensorFlow

TensorFlow is an open source platform for machine learning. When `tf.quantization.fake_quant_with_min_max_vars_gradient` receives input `min` or `max` that is nonscalar, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit f3cf67ac5705f4f04721d15e485e192bb319feed. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35971
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.19% / 41.55%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 20:50
Updated-23 Apr, 2025 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `FakeQuantWithMinMaxVars` in TensorFlow

TensorFlow is an open source platform for machine learning. If `FakeQuantWithMinMaxVars` is given `min` or `max` tensors of a nonzero rank, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35994
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 29.91%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:20
Updated-23 Apr, 2025 | 16:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `CollectiveGather` in TensorFlow

TensorFlow is an open source platform for machine learning. When `CollectiveGather` receives an scalar input `input`, it gives a `CHECK` fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c1f491817dec39a26be3c574e86a88c30f3c4770. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35992
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.20% / 42.50%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:20
Updated-23 Apr, 2025 | 16:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `TensorListFromTensor` in TensorFlow

TensorFlow is an open source platform for machine learning. When `TensorListFromTensor` receives an `element_shape` of a rank greater than one, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 3db59a042a38f4338aa207922fa2f476e000a6ee. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-36003
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.20% / 42.50%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:10
Updated-23 Apr, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `RandomPoissonV2` in TensorFlow

TensorFlow is an open source platform for machine learning. When `RandomPoissonV2` receives large input shape and rates, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35998
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.26% / 49.10%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:15
Updated-23 Apr, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `EmptyTensorList` in TensorFlow

TensorFlow is an open source platform for machine learning. If `EmptyTensorList` receives an input `element_shape` with more than one dimension, it gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c8ba76d48567aed347508e0552a257641931024d. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35990
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.21% / 43.21%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 22:00
Updated-23 Apr, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient` in TensorFlow

TensorFlow is an open source platform for machine learning. When `tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient` receives input `min` or `max` of rank other than 1, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit f3cf67ac5705f4f04721d15e485e192bb319feed. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found