Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-24420

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-21 Jan, 2025 | 00:00
Updated At-20 Mar, 2025 | 20:30
Rejected At-
Credits

A reachable assertion in the decode_linked_ti_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:21 Jan, 2025 | 00:00
Updated At:20 Mar, 2025 | 20:30
Rejected At:
▼CVE Numbering Authority (CNA)

A reachable assertion in the decode_linked_ti_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cellularsecurity.org/ransacked
N/A
Hyperlink: https://cellularsecurity.org/ransacked
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-617CWE-617 Reachable Assertion
Type: CWE
CWE ID: CWE-617
Description: CWE-617 Reachable Assertion
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:21 Jan, 2025 | 23:15
Updated At:03 Jul, 2025 | 00:49

A reachable assertion in the decode_linked_ti_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
The Linux Foundation
linuxfoundation
>>magma>>Versions up to 1.8.0(inclusive)
cpe:2.3:a:linuxfoundation:magma:*:-:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-617Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-617
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cellularsecurity.org/ransackedcve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://cellularsecurity.org/ransacked
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

293Records found
CVE-2020-27638
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.11% / 77.23%
||
7 Day CHG~0.00%
Published-22 Oct, 2020 | 12:27
Updated-04 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.

Action-Not Available
Vendor-fastd_projectn/aDebian GNU/LinuxFedora Project
Product-fastddebian_linuxfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-25710
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-7.00% / 91.09%
||
7 Day CHG~0.00%
Published-28 May, 2021 | 10:20
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-openldapn/aDebian GNU/LinuxRed Hat, Inc.Fedora Project
Product-debian_linuxjboss_enterprise_web_serverfedoraenterprise_linuxopenldapjboss_enterprise_application_platformjboss_core_servicesopenldap
CWE ID-CWE-617
Reachable Assertion
CVE-2020-25709
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-12.34% / 93.62%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 11:51
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-openldapn/aDebian GNU/LinuxRed Hat, Inc.Apple Inc.
Product-debian_linuxmac_os_xopenldapmacosjboss_core_servicesOpenLDAP
CWE ID-CWE-617
Reachable Assertion
CVE-2020-23311
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.53%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:13
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' failed at js-parser-expr.c:3230 in parser_parse_object_initializer in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-23308
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.53%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:13
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSION_START' at js-parser-expr.c:3565 in parser_parse_expression in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-23309
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.53%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:13
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion 'context_p->stack_depth == context_p->context_stack_depth' failed at js-parser-statm.c:2756 in parser_parse_statements in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-23312
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.06%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:13
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion 'context.status_flags & PARSER_SCANNING_SUCCESSFUL' failed at js-parser.c:2185 in parser_parse_source in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-23320
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.06%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:14
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' in parser_parse_function_arguments in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-23319
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.53%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:14
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion in '(flags >> CBC_STACK_ADJUST_SHIFT) >= CBC_STACK_ADJUST_BASE || (CBC_STACK_ADJUST_BASE - (flags >> CBC_STACK_ADJUST_SHIFT)) <= context_p->stack_depth' in parser_emit_cbc_backward_branch in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-23322
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.06%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:14
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRACE || context_p->token.type == LEXER_ASSIGN || context_p->token.type == LEXER_COMMA' in parser_parse_object_initializer in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-23314
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.53%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:14
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion 'block_found' failed at js-parser-statm.c:2003 parser_parse_try_statement_end in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-0635
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.78% / 72.76%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 11:55
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check.

Action-Not Available
Vendor-NetApp, Inc.Internet Systems Consortium, Inc.
Product-h300eh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwareh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700ebindh410ch700e_firmwareh700sBIND
CWE ID-CWE-617
Reachable Assertion
CVE-2022-0667
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.69% / 70.95%
||
7 Day CHG~0.00%
Published-22 Mar, 2022 | 11:15
Updated-16 Sep, 2024 | 22:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Assertion failure on delayed DS lookup

When the vulnerability is triggered the BIND process will exit. BIND 9.18.0

Action-Not Available
Vendor-NetApp, Inc.Internet Systems Consortium, Inc.
Product-h300eh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwareh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700ebindh410ch700e_firmwareh700sBIND
CWE ID-CWE-617
Reachable Assertion
CVE-2023-39949
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.96%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 13:55
Updated-13 Feb, 2025 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper validation of sequence numbers leading to remotely reachable assertion failure

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue.

Action-Not Available
Vendor-eprosimaeProsimaDebian GNU/Linux
Product-fast_ddsdebian_linuxFast-DDS
CWE ID-CWE-617
Reachable Assertion
CVE-2022-1183
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.43%
||
7 Day CHG~0.00%
Published-19 May, 2022 | 09:55
Updated-17 Sep, 2024 | 04:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Destroying a TLS session early causes assertion failure

On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch.

Action-Not Available
Vendor-NetApp, Inc.Internet Systems Consortium, Inc.
Product-h500sh410s_firmwareh700s_firmwareh410c_firmwareh300s_firmwareh500s_firmwareh410sbindh410ch300sh700sBIND9
CWE ID-CWE-617
Reachable Assertion
CVE-2020-13649
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.40% / 59.95%
||
7 Day CHG~0.00%
Published-28 May, 2020 | 14:13
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-13622
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.04%
||
7 Day CHG~0.00%
Published-26 May, 2020 | 23:15
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-44175
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.17% / 38.84%
||
7 Day CHG~0.00%
Published-12 Oct, 2023 | 22:59
Updated-19 Sep, 2024 | 13:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS and Junos OS Evolved: Receipt of a specific genuine PIM packet causes RPD crash

A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Note: This issue is not noticed when all the devices in the network are Juniper devices. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3. Junos OS Evolved: * All versions prior to 22.3R3-EVO; * 22.4-EVO versions prior to 22.4R3-EVO; * 23.2-EVO versions prior to 23.2R1-EVO.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junos_os_evolvedjunosJunos OSJunos OS Evolved
CWE ID-CWE-617
Reachable Assertion
CVE-2021-45290
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.56%
||
7 Day CHG~0.00%
Published-21 Dec, 2021 | 17:25
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.

Action-Not Available
Vendor-webassemblyn/aFedora Project
Product-binaryenfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-49630
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.42% / 60.85%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 16:57
Updated-29 Jul, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_proxy_http2 denial of service

In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2. Configurations affected are a reverse proxy is configured for an HTTP/2 backend, with ProxyPreserveHost set to "on".

Action-Not Available
Vendor-The Apache Software Foundation
Product-http_serverApache HTTP Server
CWE ID-CWE-617
Reachable Assertion
CVE-2020-3645
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.69%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, QCS605, Rennell, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresdm845qcs404_firmwaresc8180x_firmwareqcs405sm7150_firmwareipq8074_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150qca6390_firmwareqcn7605_firmwaresdm670qca8081sxr2130sc8180xqcs605_firmwareipq6018sdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwareipq8074qcs405_firmwarerennellsc7180sda845_firmwareqcn7605rennell_firmwareqca6390ipq6018_firmwareqcs605sm6150_firmwaresm8150sdm850sxr1130_firmwarekamortaqca8081_firmwarenicobar_firmwaresxr1130sda845nicobarsdm845_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2023-34868
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.47%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 00:00
Updated-02 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25671
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.15%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to reachable assertion in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar8035_firmwarewcd9380_firmwarewcn6856_firmwarewsa8830wcn6856sm8475qca8081_firmwarewsa8835_firmwarewsa8835wcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024qcn6024_firmwareqca8337_firmwarewcn6855wcn7851sdx65_firmwarewcd9380wcn7850qcn6024wcn7850_firmwarewsa8830_firmwaresdx65qca8337sd_8_gen1_5g_firmwareqca8081Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2023-4236
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.08% / 23.92%
||
7 Day CHG~0.00%
Published-20 Sep, 2023 | 12:32
Updated-13 Feb, 2025 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
named may terminate unexpectedly under high DNS-over-TLS query load

A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1.

Action-Not Available
Vendor-NetApp, Inc.Internet Systems Consortium, Inc.Debian GNU/LinuxFedora Project
Product-debian_linuxh500sh410s_firmwarefedorah300s_firmwareh500s_firmwareh700s_firmwareh410c_firmwareh410sbindh410ch300sh700sBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13749
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.01% / 76.19%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-40083
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.84% / 73.77%
||
7 Day CHG~0.00%
Published-25 Aug, 2021 | 00:21
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof).

Action-Not Available
Vendor-nicn/a
Product-knot_resolvern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11274
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.69%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwarefsm10055qpm5679_firmwaresm6250p_firmwareqcs610qpm5620_firmwareqca8337qdm2307qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarepm855a_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qtc800hqdm5670sdr8250_firmwareqca6595au_firmwareqpa5581_firmwarepm7150lqpa8821pm8998_firmwareqdm5671pmc1000hqpm4650_firmwareqcs6125_firmwareqat3518sd8cpm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwaresmr526_firmwarewcn3950sd720gpm640a_firmwareqsw8573_firmwareqdm2305_firmwareqpm5670_firmwareqsw8574_firmwaresmb2351_firmwareqdm5652sd6905gqpa4360_firmwareqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420wcd9360pm6150aqpm6670_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250qcs6125sa8155_firmwareqca6430qat3522pmr735awcd9340sd765gqdm2308_firmwarefsm10056_firmwaresdr660qca6436wcn6851qpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341qdm4643_firmwareqca6431qca6696_firmwareqln5020wcd9371sd870_firmwareqet4100_firmwaresd750gpmm855au_firmwarewcn3910_firmwareqpm5657pm6350qdm5621qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988pm640p_firmwaresdr052smb1390qat5516_firmwarepm6150lsd8885gpm855l_firmwareqet4100qpa8686_firmwareqpm6585qtc410swcn3991qca8337_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwareqat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarewcn6856_firmwarepm8005_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwareqln4640qcs410smb1380_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735pm7250smb1395qpa8803sdx24_firmwaresmr526qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwaresdxr25g_firmwareqdm2301qsw8573wcd9340_firmwarewsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwarepm8009wcn3980_firmwareqpa8675sd730sdr051_firmwaresdx55mpm6250_firmwareqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwaresd678_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwareqln4640_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582pmc1000h_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd480sd870wcn6855sd8885g_firmwarepm8150lpmi8998_firmwareqcs610_firmwareqdm5677pm8005pm855_firmwareqdm2302pmx60_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarepm640l_firmwarepm8150wcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msa8155psd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bsmb2351qln1031qpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830sd678sdr051qet6110_firmwareqln5030pm6125_firmwareqbt1500fsm10056qpa5581pmi632qpa2625_firmwarepm456csrb31024pm8350bh_firmwarepmr735b_firmwarepmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqet5100_firmwareqpm4621qet6100_firmwareqet6100pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwarepmr525_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377qpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwarewhs9410qat5516pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380qpa8821_firmwarepm8350bhpmk8002_firmwareqsw6310_firmwarepm3003asa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwareqca6436_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6564au_firmwareqca6584auqdm2305qpm8820qpm4641qat5515_firmwareqln5020_firmwaresa515m_firmwarepm855qpm8830_firmwarepm8250smb1398qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwarewcn3988_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwarepm8004_firmwareqca6174a_firmwaresdr8150_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqpm5620qat3550_firmwareqln5040_firmwareqpm4630qca6390wcd9375sd750g_firmwareaqt1000qpa8673sc8180x\+sdx55_firmwaresm6250_firmwareqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarepm8998wcn6850_firmwarewsa8835_firmwareqpm8820_firmwareqpm6621_firmwarepmx24qcm6125_firmwareqet6110qln5040qpm8895sdr845qpm5670wcn3990pmx55_firmwareqtm527pmk8350pm8150_firmwaresdx24smb1398_firmwareqpm8830pm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bsd665_firmwareqpm5657_firmwaresm6250pqpa4360pm855apmk8003_firmwaresdr660_firmwareqpa4361qca6574aqpm4640_firmwarewcn6855_firmwaresmb1390_firmwareqdm5679_firmwareqca6174apm8350csmr525qpm4640pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525sa515mqln1036aq_firmwaresd855sd8cxsd665pm6150a_firmwarepm6150_firmwaresd765pm640pqca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwarepmx60qca6391sd8cx_firmwaresmb1351qpa5461aqt1000_firmwaresd8c_firmwareqpm8895_firmwarecsrb31024_firmwaresdx50mpm640aqfs2608sdr8150sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqdm4650qca6574auqpm5641_firmwaresa8155p_firmwareqsw6310pm8008_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125qpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwareqdm2308pmx50qat3550wcn6856qdm5679sdr8250sd768gpm3003a_firmwareqca6696smb1381_firmwaresd845_firmwarepm8004pm640lpmk8002qpa2625sd845sm7250psd720g_firmwareqpm4621_firmwareqcs410_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13746
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.64% / 81.17%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-43523
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.23%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in WLAN Firmware

Transient DOS while processing 11AZ RTT management action frame received through OTA.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformqca8337qfw7124sg8275p_firmwareipq8173_firmwareqam8775pqcf8001snapdragon_870_5g_mobile_platform_firmwareqcn5124qca4024_firmwarewsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareqca6554a_firmwareipq8076aqca8386_firmwareqcn6024_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqcn6412qca6574au_firmwareqcn5164_firmwareqcn6422_firmwareqca8081_firmwaresnapdragon_xr2\+_gen_1_platformqcn9002ipq8078a_firmwareipq5028wsa8840_firmwareqca6698aqqca0000qcf8001_firmwareipq6010sc8380xp_firmwaresdx65mwcd9340qcn6132qcn9013qca6436qcf8000qca6698aq_firmwareipq5312qca9888_firmwareqam8775p_firmwareqcn6122qca6696_firmwareipq9008_firmwareqcn5154_firmwareqca6797aqqcc710_firmwarewsa8830_firmwaresd865_5g_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwareqca8337_firmwarewcd9380_firmwaressg2125pipq8072aipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcm8550qcn9001_firmwareipq9008qcn5164qca6574qcn6402_firmwarecsr8811_firmwarewcd9380ipq9554_firmwareqcn5054_firmwareqcn5024sxr1230psg8275pqca8072_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwarewcd9340_firmwarewsa8815snapdragon_865\+_5g_mobile_platformqca6426_firmwaresc8380xpipq6028qcn9024ipq9574_firmwaresnapdragon_xr2\+_gen_1_platform_firmwareimmersive_home_3210_platform_firmwareipq5302wcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemipq8078_firmwarefastconnect_6900qcn5054snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832qcn6412_firmwareipq5332ipq5302_firmwareimmersive_home_326_platformipq6018qcc710immersive_home_214_platformqca6595_firmwarewcd9395qca6391_firmwareimmersive_home_214_platform_firmwareqca4024sm8550p_firmwareqcn6402ssg2115p_firmwareqfw7124_firmwareqam8255par8035_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqam8650psnapdragon_865_5g_mobile_platformqcn6224_firmwareqca8082qcn9072qca8386ipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554wcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwaresnapdragon_x55_5g_modem-rf_systemqcn5122_firmwareqca6595auqcn6023_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114wsa8845h_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274snapdragon_870_5g_mobile_platformipq8174qcn9001qcn5052qcs8550_firmwareqcn9074qca8085wsa8810_firmwareqcn6224wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwaresxr2130_firmwarewcd9385ipq9570ar8035csr8811wcd9390qcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca8072qcn9000qcf8000_firmwareqca6554asd865_5gfastconnect_6800qca6595qcn9012immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresd_8_gen1_5gqcn6274qcn6422qcn5154qca8075_firmwaressg2125p_firmwareqca6574asxr2130qca9889qcn6132_firmwareqcn9003_firmwareqca9888qcc2076_firmwareipq8070a_firmwareqcn9003ipq8076_firmwareqca6574_firmwaresxr2230pipq8076wsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqcn5152snapdragon_x55_5g_modem-rf_system_firmwareqca6391fastconnect_7800qcn9100snapdragon_865\+_5g_mobile_platform_firmwareqcn6274_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn6432_firmwareipq5312_firmwareqca6574auqca9889_firmwareipq9574qcn5122fastconnect_7800_firmwarewsa8810ipq5332_firmwaresm8550psnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_ar2_gen_1_platformqcn5022qcn9013_firmwareqam8650p_firmwareipq6010_firmwarewcn6740qca6696qcs8550qca8075qcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqcn6024qcn9022qcc2076wcd9390_firmwareipq8070aqcn9002_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcc2073qcn6432Snapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13752
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.01% / 76.19%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13751
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.01% / 76.19%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13747
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.01% / 76.19%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-43529
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.60%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Data Modem

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareqcs410_firmwaresw5100psd865_5gqcs610_firmwarewcd9335wcd9370qca8081_firmwaresnapdragon_7c_gen_2_compute_firmwareqca6696snapdragon_x70_modem-rf_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilesnapdragon_685_4g_mobilesnapdragon_x50_5g_modem-rf_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_auto_4g_modemsnapdragon_665_mobile_firmwaresc8180xp-aaabqca6574au_firmwaresnapdragon_690_5g_mobile_firmwaresnapdragon_x72_5g_modem-rfwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwarewsa8810_firmwaresd730_firmwarewsa8845h_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresc8180xp-acafsd730snapdragon_690_5g_mobilefastconnect_6800_firmwareqcs5430qcn6024_firmwareqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwareqcm6125_firmwaresnapdragon_678_mobile_firmwareqcc710snapdragon_xr2_5g_firmware315_5g_iot_modem_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformqep8111qfw7114snapdragon_730_mobile_firmwarewcd9385_firmwareqca6421315_5g_iot_modemwcd9360snapdragon_x65_5g_modem-rfqcs4490snapdragon_730_mobilesnapdragon_680_4g_mobilewsa8845qca6421_firmwareqcm6125sc8180x-adqca6564au_firmwarewsa8810snapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwaresnapdragon_662_mobile_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwarewcd9371_firmwaresnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3910_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileqca6420wcn3910wcd9370_firmwarecsrb31024qca6574asnapdragon_x72_5g_modem-rf_firmwaresnapdragon_8\+_gen_2_mobileqca6174awcd9340qcm2290snapdragon_auto_5g_modem-rf_gen_2qcm6490sm8550p_firmwareqcm8550wcn3988snapdragon_765_5g_mobile_firmwaresnapdragon_662_mobileqcn9024sd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaresdx57msmart_audio_400qcn9024_firmwarewsa8845hqcs410qcm2290_firmwaresnapdragon_765g_5g_mobile_firmwarewsa8830sm8550psnapdragon_768g_5g_mobile_firmwaresnapdragon_7c_gen_2_computesc8180x\+sdx55_firmwarear8035snapdragon_7c_compute_firmwareqcm4325qcn6224snapdragon_865\+_5g_mobile_firmwaresc8180x\+sdx55qca6698aqwcn3950_firmwaresm6250snapdragon_480\+_5g_mobilefastconnect_6200sm7325p_firmwarewcd9360_firmwaresc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490snapdragon_695_5g_mobilesc8180xp-acaf_firmwaresnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqcn6224_firmwareqca6431wsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresdx57m_firmwaresxr2130_firmwaresnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwaresnapdragon_778g\+_5g_mobilesd888_firmwareqca6564auqcs6125_firmwaresc8180xp-adsm6250p_firmwarewsa8815_firmwareqca8337_firmwareqcm4290sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresnapdragon_665_mobilesm7250p_firmwareqcm4490_firmwarewcn3950qcs6125snapdragon_870_5g_mobile_firmwaresnapdragon_730g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobilesnapdragon_778g\+_5g_mobile_firmwaresmart_audio_400_firmwaresnapdragon_870_5g_mobilesd_675_firmwaresnapdragon_678_mobilesnapdragon_720g_mobilesm7250pcsrb31024_firmwaresc8180x-acafsm6250_firmwaresc8180x-ad_firmwaresnapdragon_7c_computeqca6584ausd888qcn6274_firmwaresnapdragon_675_mobile_firmwaresw5100_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarewcd9371fastconnect_6900_firmwarewcd9380snapdragon_xr2_5gsnapdragon_x24_lte_modemsnapdragon_auto_5g_modem-rf_firmwaresc8180x-aaabsc8180x-aaab_firmwaresw5100video_collaboration_vc3_platformaqt1000snapdragon_4_gen_1_mobile_firmwaresd855qca6431_firmwarewcn3990_firmwaresm7315qca6698aq_firmwareqcs2290wcd9385snapdragon_888\+_5g_mobileqcs2290_firmwaresnapdragon_8_gen_1_mobilesnapdragon_680_4g_mobile_firmwareqcs4290wcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqca6430snapdragon_855\+_mobilesg8275psm6250psnapdragon_765_5g_mobilesnapdragon_860_mobilesdx55_firmwaresc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsxr2130qcm4490snapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwaresnapdragon_480\+_5g_mobile_firmwareqca6174a_firmwaresm7325psnapdragon_732g_mobile_firmwaresnapdragon_x50_5g_modem-rfqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwarewcn3980_firmwareqca6436snapdragon_x70_modem-rfqca6584au_firmwaresnapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqcn6274qfw7124qca6595au_firmwareqcs610sw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwarecsra6620qca8081wsa8815sg4150pqca9377snapdragon_x75_5g_modem-rfqcm4325_firmwareqca6574a_firmwaresdx55snapdragon_4_gen_1_mobileqcm4290_firmwaresnapdragon_720g_mobile_firmwaresnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675wcd9375_firmwareqca6391qcs5430_firmwaresg4150p_firmwarecsra6620_firmwareqcs8550fastconnect_7800sd865_5g_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_765g_5g_mobilewcn3988_firmwaresd_675snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwarewcn3980snapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqcm2290_firmwareaqt1000_firmwareqca6564au_firmwareqca9377_firmwareqca8337_firmwareqcm4490_firmwareqcm8550_firmwareqcn6274_firmwareqcs4490_firmware315_5g_iot_modem_firmwareqcs2290_firmwarecsrb31024_firmwareqcm6490_firmwareqca6431_firmwarefastconnect_6900_firmwareqcs8550_firmwareqcn6224_firmwarefastconnect_6700_firmwareqcn9024_firmwarefastconnect_7800_firmwareqca6420_firmwareqca6595au_firmwareqcm4290_firmwareqcs610_firmwarecsra6620_firmwareqca6698aq_firmwarecsra6640_firmwareqcm5430_firmwareqca6174a_firmwareqcs6125_firmwareqcs4290_firmwareqca6584au_firmwareqep8111_firmwareqca6696_firmwareqca6430_firmwareqcs6490_firmwareqfw7114_firmwareqcs5430_firmwareqca6391_firmwareqcn6024_firmwareqcm4325_firmwareqcc710_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwareqca8081_firmwarefastconnect_6800_firmwareqcs410_firmwareqfw7124_firmwareqca6436_firmwarear8035_firmwareqcm6125_firmwareqca6421_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11296
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.08%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqpm5679_firmwarepmd9607_firmwareqca1023qfs2530qpm8870_firmwareqln1030pm6125mdm9645msm8992_firmwarewcn3950_firmwarepm8150aqdm5670qpm5541_firmwareqpa5581_firmwareqpa8821mdm8215qcs6125_firmwarepm456_firmwaresa415mwcn3998wcd9371_firmwarewcn3950mdm9206_firmwareqsw8573_firmwarewcn3660bqsm8350_firmwareqsm8350smb2351_firmwarepm855pwtr4605_firmwarepm6150aqca9367_firmwareipq8072_firmwaresa8155_firmwareipq8068qat3522qfe4455fcpmr735asdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020qca1062mdm8215_firmwarepmm855au_firmwaresd_8cxpmm8920ausa8150pqfe3340sd660sd712pm640p_firmwareqcn5121pm6150lpm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwareqca4531_firmwareqfe3335_firmwareqpa8801ipq8078qat5533_firmwareipq8173sdx55m_firmwareqpa8673_firmwaresd670_firmwareqfs2630pmm8996auqpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250wtr4905sdx24_firmwareqcn9012_firmwareqdm2301qca9890_firmwareqfe2101_firmwareqca6584_firmwareqdm5621_firmwareqpm6375sd_8c_firmwareipq6028ipq8064pmp8074qca1990wcn3980_firmwaresd730qfe3320_firmwarepm8008pm8350b_firmwaremdm9225pme605_firmwarepme605apq8064au_firmwaremdm9225mipq8078_firmwareqcn5054qln1021aq_firmwareqcs603qca6164_firmwareqln4640_firmwareqca9980qpm6582qcn9024_firmwareqcs610_firmwareapq8084_firmwareqca9886_firmwarear8031wtr2965qca6164qca6391_firmwarepmx20_firmwareqca4024qat3516_firmwareapq8053qcn5021_firmwareqca9379pm855bsmb2351qpa5581qfe1040_firmwarecsrb31024qca9563_firmwaremdm9628_firmwaremdm9650qbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmd9635_firmwareapq8009_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6426qca9984_firmwareqca9377qpm5641sdxr2_5g_firmwarewtr2955rgr7640au_firmwarepm7250_firmwareqdm5620ipq8074aqca9982qcn5122_firmwareqat5533qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584aupm855pm8250qcn5052mdm9235m_firmwaremdm9607_firmwaremdm9655_firmwareqfs2530_firmwaresa415m_firmwareqat3519_firmwareqpm5677qat5515qca9982_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620mdm9625sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8994ipq5010_firmwareipq8074a_firmwaremdm9625msd888_5g_firmwaresmr525_firmwarewsa8815_firmwareqpm8820_firmwareapq8017qpm6621_firmwaremdm9630_firmwarewtr2955_firmwareqbt1000_firmwarepm8019qca6595smb1398_firmwareqca9896_firmwareipq8065_firmwarepm8150cpmr735bsd665_firmwareqcn5154qpm5577_firmwareqdm5679_firmwareqca6310_firmwareapq8094_firmwarepm6150l_firmwaremdm9615qca6574_firmwaresd665pm6150a_firmwarepmd9607mdm9310wtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqipq6028_firmwareipq8072a_firmwareqca9889_firmwaresd710mdm9607mdm9645_firmwareqln1035bd_firmwaresdx20m_firmwareqca6564_firmwareqca1064_firmwaresmb1350_firmwarepmk8002apq8096au_firmwareqcn9022sdm830smb1357qpa5580pm8018_firmwareqpm5579qfe2550qcn5550qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareipq8078asa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwareqln1020csra6640_firmwarepmc1000hqat3518smr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqca4020qca6428qdm5652qcn5164_firmwareipq8071sa6155_firmwarewcd9360sdx20mqca6438_firmwareqpa8675_firmwarewtr1625lqpa5460_firmwarewcn3999qsm7250pm8996ipq4029_firmwareipq6010sd662_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareipq8068_firmwarepmi8952mdm9655qca6431wcn3910_firmwareqfe1922sd855_firmwareqdm5650qfe2080fcsdr052sa8195p_firmwaresmb1390qca9898ipq4028qpa8686_firmwarewcd9380_firmwareqca7500_firmwarewgr7640csr6030qat5568qdm5671_firmwareqpa8801_firmwareqtm527_firmwarepm8005_firmwareqca9558pm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareipq4019_firmwaresmb358sar8151smr526qca8072_firmwareqca6174pmk8003qca6430_firmwareqtc801s_firmwareqat3522_firmwarewcn3980qsw8573qcs605qbt1000mdm9225_firmwaresd7cwcn3910qca6426_firmwarepm8350_firmwarepm8009ipq8064_firmwareqat3518_firmwaresd821_firmwarepmi8998qfe2520ar8031_firmwarepm855lpmd9635pm8150b_firmwaresd_636_firmwaresmr545_firmwareqca9880pm670sd210_firmwarepm8005qdm2302sdxr1apq8096auqcs405_firmwarepmi8996_firmwareqln4650_firmwareqet5100mqca9378a_firmwarepm8952qca9531_firmwareqat3516qpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcqcn9070pmi632qca9378pm8350bh_firmwarepmr735b_firmwaresmb1360_firmwareqca9880_firmwarepm670l_firmwaresdr660gqfe2340ipq8069_firmwaresd730_firmwarewcd9370sdr425qcn9000_firmwareipq5018qca9369ar8151_firmwaresd_8cx_firmwareqpm5541qat5516qcn5124_firmwarepm8350bhqca6320_firmwarewcn3680b_firmwareqca6595auipq5010qdm2305sa6155p_firmwareqca6310pm8937qpm2630qca9990sdxr2_5gsmb1398msm8994_firmwaresa6145p_firmwaresdr675ipq8071aipq8071a_firmwarewcd9385qat3550_firmwareqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwarepm8952_firmwaresd820smb1396_firmwarecsr6030_firmwaresmr546pmx24qfe1055qca8072qln5040qpm8895sdr845qtm527qfe3440fc_firmwarepmk8350qca9558_firmwaremsm8996aupm8994_firmwareqfe1035qpm5657_firmwaresd888_5gsm6250pqln1035bdpm855asdr660_firmwarepm8909_firmwareipq4018qca6574aqpm4640mdm9635mqet5100m_firmwareipq8076_firmwareqpm4650sa515mipq8076qfe1922_firmwareqca9887qca9378_firmwaresdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaremdm9626pm660asdx50mpm640apm8916qdm4650ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310qcm6125qpm2630_firmwaresmb231_firmwareqdm2308qat3550wcn6856sd835_firmwareqtc800s_firmwaresa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareqpm4621_firmwareqca9896ipq4029sd850qln4640qfs2580mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqfe4455fc_firmwareqca8337ar9380ipq8173_firmwareqfs2608_firmwareqpa8688qcn5124qat5522_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155pm7150lpm8998_firmwaresd_455_firmwareapq8076wtr5975_firmwareqpa5580_firmwareqcn6024_firmwaresd720gsm4125wtr1605pmm8920au_firmwareqsw8574_firmwaresd460_firmwaremdm9230_firmwarepm8953_firmwareqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareqca6420apq8053_firmwareqpm6670_firmwareipq8070_firmwareipq8065ipq8078a_firmwarepm660_firmwarepm8150bqca0000qfe2101qca6430wcd9340mdm9625_firmwaresmb1358qca9888_firmwarewcd9371smb1350qfe1055_firmwareqcn5154_firmwaresm4350_firmwarewtr3950pm6350qdm5621qtc800sqat3514_firmwaremdm9330_firmwareqca9992_firmwaresd865_5g_firmwaresd660_firmwareqcn5022_firmwareqcn7606_firmwareqat5516_firmwarewcn3991qca9980_firmwarepm8150l_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qcs410qfe3100_firmwareqca9379_firmwareqpa8803pmd9645ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm2301_firmwaremdm9215_firmwaresd835pm660l_firmwarepm6250_firmwareqtm525_firmwareqcn5064_firmwareqca9890qpm5621_firmwareqca6234rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqpm5621sd670ipq8174_firmwarepm8009_firmwareqfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwarepm4250qca1023_firmwareqpm5577sdm630_firmwaresd820_firmwarepm8150wcd9370_firmwaresdx55csra6640qat3555_firmwarepmi8994qpa8803_firmwareqca6234_firmwareqln1031qcn7606qpm5870pm8909qfe1040wsa8830pm660qca9561qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qfe2340_firmwaresd_636pmx24_firmwareqca9378aqca9992pmm855aumdm9250qca6420_firmwaresmb1396pm7150apm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwarewcn3990_firmwareqca4531wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareapq8094qsw6310_firmwaresa8155qca6584qdm4650_firmwareqln1031_firmwarepmm6155au_firmwaresdx55_firmwarewcn3615qfe1952qpm4641qat5515_firmwareipq8174qpm8830_firmwareqca9367qfe2082fc_firmwareapq8092sdm630qdm4643wcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwaresa8195psdr735_firmwarepm8953qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqpm4630qca6390qca9898_firmwarewcd9375msm8976sc8180x\+sdx55_firmwareqpm5677_firmwareapq8092_firmwaresdx20_firmwarewtr3925_firmwarepm8998qln1020_firmwaremdm9235mpm670a_firmwareqcm6125_firmwareqca9882wtr1625l_firmwarepmx55_firmwaresd865_5gpm8150_firmwareqpm8830pmm8996au_firmwareqat5522qca9369_firmwareqpa4360pmk8003_firmwareqca8075_firmwareqpa4361ipq6005_firmwaremdm9206qpm4640_firmwarewcn6855_firmwarepm8350csmr525qca9888ipq8070a_firmwarepmr525pm8150a_firmwarewtr3950_firmwareqca9886qln1036aq_firmwarepm6150_firmwareqca6175asd765wtr3925lpmx20qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcpm670_firmwareqtc801smdm9626_firmwareqca9531qpm5641_firmwareqfe3320qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50pm8018qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepm8004pm640lqca8075qcn6024sd845mdm9615_firmwareipq6000_firmwareqcs410_firmwaremdm9330qca6175a_firmwaresa6150p_firmwareqcs610pmi8996qpm5620_firmwareqfe1045qca9561_firmwareqca4024_firmwarepm855a_firmwareqtc800hqcs2290qca6335qcs605_firmwaresd_675_firmwaresmr546_firmwarewtr3905qdm5671qfe2330qpm4650_firmwaresdr425_firmwaremdm9628qpa5460qdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000pmx50_firmwarewhs9410_firmwaresdr735gqdm3301_firmwareqca7500qcs6125smb1360qcs405qca1990_firmwareqfe3440fcrsw8577_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwarepm8937_firmwareqet4100_firmwaresd750gqpm5657wtr1605_firmwareqpm5875_firmwarewsa8830_firmwarewcn3988qca6438wtr3925qet4100wcn3610mdm9640ipq5018_firmwareqpm6585qca8337_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330ipq8076a_firmwareqet5100mdm9225m_firmwareqca6564auwcn6856_firmwareqcn5164pm8994qet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmb358s_firmwarewtr5975wcd9335_firmwareqcn5052_firmwareqca6335_firmwareqca6320mdm9650_firmwarewcn3660b_firmwareqca9984qcn9024qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwarepm670aqca6421_firmwarewtr3905_firmwareqsw8574wcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwareqca9887_firmwarewtr3925l_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwarepmd9645_firmwareqcn5121_firmwareqdm5677ipq6018pm855_firmwarepmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqpm5875sa8155psd675wtr4605qet4101pm670lqfe2330_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarecsra6620qet5100_firmwareqfe1100_firmwareqpm4621qcn9072qet6100_firmwaresd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareipq6000qca6174_firmwareqcn5152_firmwareqca0000_firmwarepmr525_firmwareqca6584au_firmwareapq8076_firmwareqfe3340_firmwarepmi632_firmwareqcn7605qca9563sd662qpa8821_firmwareqfe1952_firmwaresdr660g_firmwareqca1064pm3003awcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqpm8820qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821msm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qfe1100sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwareqpm6325_firmwareqdm2302_firmwarepmm8155aucsr8811qpa8673ipq4019sd210wcn6850_firmwarewsa8835_firmwareqca6564aqet6110pmi8952_firmwareqcm2290_firmwaremdm9635m_firmwareqpm5670wcn3990qcn9000sd_675mdm9625m_firmwarear9380_firmwaresdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835rgr7640aupm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074qca9994_firmwarepm8956_firmwareqtm525wtr6955qfe3335sd855sm4125_firmwarewtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresmb1351smb1357_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwareqpa4340qfe1035_firmwareqcm4290qca9882_firmwaresdr8150sdx20smb1395_firmwaremdm9215sd_455pmd9655wcd9341_firmwarewsa8810qtc410s_firmwareqat5568_firmwarewtr4905_firmwareqdm5679sd_8cwcn3680bipq6010_firmwarepm3003a_firmwareqca6696sm4350sd845_firmwaresmb1381_firmwareqpa2625qca9990_firmwareipq8071_firmwareqcn9074_firmwarepm8956pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2023-5517
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.40%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 14:04
Updated-13 Feb, 2025 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled

A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versions 9.12.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

Action-Not Available
Vendor-Fedora ProjectNetApp, Inc.Internet Systems Consortium, Inc.
Product-bindactive_iq_unified_managerfedoraBIND 9bind_9
CWE ID-CWE-617
Reachable Assertion
CVE-2017-3139
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.72% / 71.64%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 17:07
Updated-05 Aug, 2024 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

Action-Not Available
Vendor-Red Hat, Inc.
Product-enterprise_linux_server_ausenterprise_linux_server_tusenterprise_linux_server_eusBIND
CWE ID-CWE-617
Reachable Assertion
CVE-2025-46354
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.61%
||
7 Day CHG~0.00%
Published-22 Jul, 2025 | 15:26
Updated-22 Aug, 2025 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-bloombergBloomberg
Product-comdb2Comdb2
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11653
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 63.95%
||
7 Day CHG+0.02%
Published-08 Apr, 2020 | 00:00
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.

Action-Not Available
Vendor-varnish-cachevarnish-softwaren/aDebian GNU/LinuxopenSUSE
Product-varnish_cachedebian_linuxbackports_sleleapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11278
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.69%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqca8337ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwareipq8070_firmwareipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwaresmr545qca6696_firmwareqln5020wcd9371qca1062qcn5154_firmwarepmm855au_firmwaresm4350_firmwaresa8150ppm6350qdm5621qtc800sqat3514_firmwaresd660sd712pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwaresd8885gpm855l_firmwareqca6428_firmwareqtc410swcn3991qpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250qpa8803qcn9012_firmwaresdxr25g_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375ipq6028pmp8074wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwareqcn5064_firmwarepme605ipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582qcn9024_firmwareipq8174_firmwarepm8009_firmwaresd670qfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm4250ar8031qpm5577wtr2965sdm630_firmwareqca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qcn7606qpm5870wsa8830pm660qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024pmx24_firmwareqbt1500_firmwareqpm5870_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1396pm7150asd675_firmwareipq8072pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410pm7250_firmwaresdr845_firmwareqdm5620qln1021aqipq8074asmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwareqcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052sdm630qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwareqcn9074wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresmr525_firmwarepm8998wtr3925_firmwareqpm8820_firmwareqln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwareqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwaresc8180xqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555qpa5461sd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqpm5641_firmwareqca9889_firmwaresd710qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qcn5022sdr8250sd768gqca1064_firmwareqln1030_firmwarepm8004pm640lpmk8002qca8075qcn6024qcn9022sd845sd455_firmwaresdm830ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579sa6150p_firmwareqcs610qcn5550qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qcn5064csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd8csdr425_firmwaresmr526_firmwareipq8076aqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqsm7250qcs6125ipq6010sd662_firmwareqcs405rsw8577_firmwareqdm2308_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwareqca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqln4650sdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwaresd636wcn6856_firmwarepm8005_firmwareqcn5164qet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mpm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070sd8655gpm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwareqcn5121_firmwaresd8885g_firmwarepm670qdm5677pm8005ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qcn9072qet6100_firmwarepm670l_firmwaresdr660gsd455sd765g_firmwareqpa8686qca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwareqcn7605qpm5541qat5516sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhqca1064pm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa515m_firmwaresmb1398sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qet6110qln5040qca8072qcm2290_firmwareqpm8895sdr845qpm5670wcn3990qcn9000qtm527pmk8350qcn9012pm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca9889ipq8074qpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515mwtr6955sd855sm4125_firmwaresd8cxipq8076wtr6955_firmwarepm640pqcn5021qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640asdr8150smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679ipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwaresd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2023-40462
Matching Score-4
Assigner-Sierra Wireless Inc.
ShareView Details
Matching Score-4
Assigner-Sierra Wireless Inc.
CVSS Score-7.5||HIGH
EPSS-0.01% / 1.04%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 22:53
Updated-13 Feb, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input leads to DoS

The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable.

Action-Not Available
Vendor-sierrawirelessSierraWirelessDebian GNU/Linux
Product-es450rv55lx60aleoslx40gx450debian_linuxrv50xmp70ALEOS
CWE ID-CWE-617
Reachable Assertion
CVE-2023-39534
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.25%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 13:12
Updated-13 Feb, 2025 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Malformed GAP submessage triggers assertion failure

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger assertion failure, crashing FastDDS. Version 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue.

Action-Not Available
Vendor-eprosimaeProsimaDebian GNU/Linux
Product-fast_ddsdebian_linuxFast-DDS
CWE ID-CWE-617
Reachable Assertion
CVE-2023-38976
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.57% / 87.28%
||
7 Day CHG~0.00%
Published-21 Aug, 2023 | 00:00
Updated-07 Oct, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function.

Action-Not Available
Vendor-weaviaten/a
Product-weaviaten/a
CWE ID-CWE-617
Reachable Assertion
CVE-2011-3596
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-13.88% / 94.05%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 23:53
Updated-06 Aug, 2024 | 23:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.

Action-Not Available
Vendor-polipo_projectpolipoDebian GNU/Linux
Product-debian_linuxpolipopolipo
CWE ID-CWE-617
Reachable Assertion
CVE-2023-37024
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.13% / 33.21%
||
7 Day CHG+0.01%
Published-21 Jan, 2025 | 00:00
Updated-23 Jan, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an `Emergency Number List` Information Element.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-27073
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.47%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:26
Updated-20 Aug, 2025 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in WLAN Firmware

Transient DOS while creating NDP instance.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8735_firmwareqca6574ssg2115p_firmwaresm8750p_firmwareqcn9002sa7255pqcn9100sa7775pqam8650p_firmwareqcn5152_firmwarewcd9395sxr2330pwsa8845h_firmwareqca8084_firmwarewcd9378qca8082_firmwareqca6595_firmwareqca6678aqqcc2073_firmwaresnapdragon_865_5g_mobile_platform_firmwareipq9008wsa8835_firmwareqca6698aq_firmwareqcn6024snapdragon_ar2_gen_1_platformsnapdragon_8_gen_3_mobile_platformsm7635qca6426qamsrv1h_firmwarewcn6450qca6574a_firmwareqca8085_firmwaresxr2230p_firmwarecsr8811immersive_home_318_platformsxr2250p_firmwareipq8072asg8275pwcd9370qfw7124snapdragon_865_5g_mobile_platformsg8275p_firmwareqca8337immersive_home_318_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformqca6436_firmwarewcn7861snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarefastconnect_6800_firmwareqcn6132_firmwarewsa8815_firmwareipq8072a_firmwarewsa8845_firmwareqca6391_firmwareipq6000_firmwareqcc2073wcd9375sd_8_gen1_5gipq5028qcn5024ipq8078_firmwareqcn6274_firmwareqcn5124_firmwareqca6564auqcn5164snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwareipq8076_firmwareqcn5154_firmwareqcn5122qcc2076_firmwareqca6574ausnapdragon_x75_5g_modem-rf_systemqcn5052_firmwareqcn9074_firmwareqca6584au_firmwareqamsrv1m_firmwareipq6028ipq8070a_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)sa9000pqcn9100_firmwaresm8750pqcn5024_firmwaresnapdragon_ar1_gen_1_platform_firmwaresm7675qca6688aqwcn7750qca6787aq_firmwareipq6010_firmwareqca6554a_firmwareqca6584ausc8380xpipq6018qmp1000qca8075_firmwareqam8255p_firmwareqcn9011ipq5010_firmwareqca6787aqqca6688aq_firmwareqca8085wcd9380_firmwaresd_8_gen1_5g_firmwareqca6574aqca6797aq_firmwarewsa8830_firmwareipq8174_firmwarewsa8832_firmwareqcs8550qcs8550_firmwaressg2125pimmersive_home_214_platformsnapdragon_xr2_5g_platformqcm8550qcn6023qcm8550_firmwarewsa8835qcn5054_firmwareqcn9001_firmwareqcn5022_firmwareqca8081_firmwarefastconnect_6800ipq8078qca6426_firmwareqcn6224wcn7860sa8620p_firmwaresd865_5g_firmwareqca6595au_firmwarewcd9385_firmwareqca6696_firmwarewcn6740qca8072immersive_home_216_platform_firmwarewcd9370_firmwaresm8650q_firmwareqcn5154wsa8815sm8750_firmwarewsa8845hqca6574au_firmwareqca6595ausa8255pwcn6755sa7775p_firmwarewcd9390_firmwarewsa8810snapdragon_x75_5g_modem-rf_system_firmwarewcn6650qcn5054ipq6000snapdragon_ar1_gen_1_platform_\"luna1\"ipq9008_firmwareipq9574sa8775p_firmwaresrv1h_firmwareqcn9074qca9889fastconnect_7800_firmwareimmersive_home_214_platform_firmwareqca8081wcd9340_firmwareipq9574_firmwareqcn5022qca8386sm6650p_firmwaresm8735qca9889_firmwaresm8650qqcn9024wcn7881sm8635pipq6028_firmwareqmp1000_firmwaressg2115pipq6018_firmwareqcn9000wcn6755_firmwareqcn6224_firmwareqam8255pwcn7880_firmwaresnapdragon_ar1_gen_1_platformsm8635p_firmwareqam8775p_firmwarewsa8810_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqca6678aq_firmwareqca6696sm8550pqcc710sm8750qcn9274_firmwareqca6391qam8775psm6650_firmwareqca6554aqcn9022_firmwaresnapdragon_ar2_gen_1_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcn6122qca6777aq_firmwaresnapdragon_xr2_5g_platform_firmwaresxr2250pqcn6122_firmwarewsa8840_firmwarewcn7861_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaressg2125p_firmwareqcc710_firmwaresa8620psxr2330p_firmwaresm8550p_firmwareimmersive_home_316_platformipq8078a_firmwareipq5028_firmwarewcd9380fastconnect_6900_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresrv1m_firmwareqcn9022immersive_home_216_platformqam8650psm7675_firmwaresxr1230p_firmwareqca8082sm7675pipq9554_firmwareipq8076a_firmwareqamsrv1hsnapdragon_8_gen_1_mobile_platformqca6777aqqamsrv1mipq8076aqcn5122_firmwaresxr2230pqcn9001qca8072_firmwareqca8084qca8075sm7675p_firmwaresa9000p_firmwareipq9570sm8635_firmwareqcc2076qcn5164_firmwareqcn9000_firmwareipq9570_firmwarear8035ipq8074a_firmwarewcd9395_firmwaresnapdragon_ar1_gen_1_platform_\"luna1\"_firmwarewcn6740_firmwarewcd9375_firmwaresm6650sa8255p_firmwarear8035_firmwareimmersive_home_316_platform_firmwareqcn9072ipq8071awsa8845wsa8840sa8775pfastconnect_7800srv1hqcn9070snapdragon_8_gen_3_mobile_platform_firmwareqca8337_firmwarewsa8832wsa8830snapdragon_8_gen_2_mobile_platformipq6010srv1mipq8070asxr1230pwcd9385qcn5124snapdragon_auto_5g_modem-rf_gen_2wcn6650_firmwaresa8650p_firmwarecsr8811_firmwareqcn9002_firmwaresnapdragon_x72_5g_modem-rf_systemqcn9003qca9888qca6436sa7255p_firmwareqca8386_firmwareipq8173_firmwarewcn7860_firmwaresm8635sc8380xp_firmwareipq8173qcn9012qca6797aqsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)qcn6274wcn7881_firmwareqfw7114sm6650pqfw7114_firmwarewcd9340wcd9390qca4024_firmwareqca9888_firmwaresa8770p_firmwareipq8078asnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6564au_firmwaresd865_5gqca6595wcn7880wcn6450_firmwareqcn6024_firmwareipq8071a_firmwareipq8074aqca4024fastconnect_6900qcn9024_firmwareqcn5152qcn9070_firmwareqcn6023_firmwareqcn9274ipq8076qcn9003_firmwareqcn9011_firmwaresa8650pipq8174sa8770pqcn5052wcd9378_firmwareqca6574_firmwareqcn6132qca6698aqipq9554qfw7124_firmwaresm7635_firmwareqcn9012_firmwareipq5010qcn9072_firmwarewcn7750_firmwareSnapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2023-34867
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.47%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 00:00
Updated-03 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-27066
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.98%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:26
Updated-06 Aug, 2025 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in WLAN Firmware

Transient DOS while processing an ANQP message.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2021-38385
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.63% / 69.48%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-38291
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.04%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFFmpeg
Product-ffmpegdebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-34194
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.63% / 69.40%
||
7 Day CHG~0.00%
Published-13 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.

Action-Not Available
Vendor-tinyxml_projectn/a
Product-tinyxmln/a
CWE ID-CWE-617
Reachable Assertion
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found