Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-46354

Summary
Assigner-talos
Assigner Org ID-b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At-22 Jul, 2025 | 15:26
Updated At-03 Nov, 2025 | 20:04
Rejected At-
Credits

A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
ā–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:talos
Assigner Org ID:b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At:22 Jul, 2025 | 15:26
Updated At:03 Nov, 2025 | 20:04
Rejected At:
ā–¼CVE Numbering Authority (CNA)

A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Affected Products
Vendor
Bloomberg
Product
Comdb2
Versions
Affected
  • 8.1
Problem Types
TypeCWE IDDescription
CWECWE-617CWE-617: Reachable Assertion
Type: CWE
CWE ID: CWE-617
Description: CWE-617: Reachable Assertion
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Discovered by a member of Cisco Talos.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198
N/A
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198
Resource: N/A
ā–¼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198
exploit
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198
Resource:
exploit
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2198
N/A
Hyperlink: https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2198
Resource: N/A
Information is not available yet
ā–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:talos-cna@cisco.com
Published At:22 Jul, 2025 | 16:15
Updated At:03 Nov, 2025 | 20:19

A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious packet to trigger this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
bloomberg
bloomberg
>>comdb2>>8.1
cpe:2.3:a:bloomberg:comdb2:8.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-617Secondarytalos-cna@cisco.com
CWE ID: CWE-617
Type: Secondary
Source: talos-cna@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198talos-cna@cisco.com
Exploit
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2198af854a3a-2127-422b-91ae-364da2661108
N/A
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
Third Party Advisory
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198
Source: talos-cna@cisco.com
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2198
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2198
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

279Records found
CVE-2025-36512
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.15%
||
7 Day CHG+0.10%
Published-22 Jul, 2025 | 15:26
Updated-03 Nov, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction heartbeat. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to a database instance over TCP and send the crafted message to trigger this vulnerability.

Action-Not Available
Vendor-bloombergBloomberg
Product-comdb2Comdb2
CWE ID-CWE-617
Reachable Assertion
CVE-2025-35966
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.40% / 60.86%
||
7 Day CHG+0.26%
Published-22 Jul, 2025 | 15:26
Updated-03 Nov, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A null pointer dereference vulnerability exists in the CDB2SQLQUERY protocol buffer message handling of Bloomberg Comdb2 8.1. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to a database instance over TCP and send the crafted message to trigger this vulnerability.

Action-Not Available
Vendor-bloombergBloomberg
Product-comdb2Comdb2
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-36520
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.12%
||
7 Day CHG+0.28%
Published-22 Jul, 2025 | 15:26
Updated-03 Nov, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A null pointer dereference vulnerability exists in the net_connectmsg Protocol Buffer Message functionality of Bloomberg Comdb2 8.1. A specially crafted network packets can lead to a denial of service. An attacker can send packets to trigger this vulnerability.

Action-Not Available
Vendor-bloombergBloomberg
Product-comdb2Comdb2
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-48498
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.43% / 63.00%
||
7 Day CHG+0.28%
Published-22 Jul, 2025 | 15:26
Updated-03 Nov, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8.1 when processing a number of fields used for coordination. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to a database instance over TCP and send the crafted message to trigger this vulnerability.

Action-Not Available
Vendor-bloombergBloomberg
Product-comdb2Comdb2
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-41068
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-8.7||HIGH
EPSS-0.04% / 13.52%
||
7 Day CHG~0.00%
Published-27 Oct, 2025 | 12:47
Updated-29 Oct, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion vulnerability in Open5GS

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. This is achieved by sending the creation of an NF with an invalid type via SBI and then requesting its data. The NRF executes a check that crashes the process, leaving the discovery service unresponsive.

Action-Not Available
Vendor-open5gsNewPlane
Product-open5gsOpen5GS
CWE ID-CWE-617
Reachable Assertion
CVE-2025-40777
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.46%
||
7 Day CHG~0.00%
Published-16 Jul, 2025 | 17:38
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only allowable value other than `disabled`), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or authoritative records, the daemon will abort with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.10, 9.21.0 through 9.21.9, and 9.20.9-S1 through 9.20.10-S1.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-BIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2006-6767
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-14.11% / 94.45%
||
7 Day CHG~0.00%
Published-16 Jan, 2007 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1) LPRT or (2) LPASV command with an unsupported address family, which triggers an assertion failure.

Action-Not Available
Vendor-time-travellersn/a
Product-oftpdn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-45290
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.43%
||
7 Day CHG~0.00%
Published-21 Dec, 2021 | 17:25
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.

Action-Not Available
Vendor-webassemblyn/aFedora Project
Product-binaryenfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2006-5779
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-43.37% / 97.56%
||
7 Day CHG~0.00%
Published-07 Nov, 2006 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.

Action-Not Available
Vendor-openldapn/aCanonical Ltd.
Product-ubuntu_linuxopenldapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2006-4574
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-6.82% / 91.44%
||
7 Day CHG~0.00%
Published-28 Oct, 2006 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-193
Off-by-one Error
CWE ID-CWE-617
Reachable Assertion
CVE-2006-4095
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.88% / 89.68%
||
7 Day CHG~0.00%
Published-06 Sep, 2006 | 00:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Action-Not Available
Vendor-n/aCanonical Ltd.Apple Inc.Internet Systems Consortium, Inc.
Product-bindmac_os_xubuntu_linuxmac_os_x_servern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11218
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.35%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwareqca8337qfs2530qpm8870_firmwarepm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwarepm7150lqpa8821pm8998_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwarepm855pqca6420apq8053_firmwarepm6150apm660_firmwarepm8150bsa8155_firmwareqfe2101qca6430qat3522pmr735awcd9340sd765gsdr660sdr865qdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresd_8cxqfe3340qdm5621qtc800ssd865_5g_firmwaresd712pm640p_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwaresd632_firmwareqpa8842sdr052_firmwarewcd9380qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwarepm7250qpa8803sdx24_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwarewcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwarepm4250qpm5577wtr2965sa2150pqca6391_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwareqpa8803_firmwarewcn3660pm855bsmb2351qln1031pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500csrb31024pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqcs4290pmm855auqca6420_firmwarepm7150asd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwarewcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarepm8940qsm7250_firmwarepm7150l_firmwareqca6584auqat5515_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qpm5677wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqca6390wcd9375aqt1000sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qcm6125_firmwarepmx55_firmwarewtr2955_firmwareqfe4373fc_firmwaresd865_5gpm8150_firmwareqpm8830qat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361qpm5577_firmwareqdm5679_firmwaresmr525qfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqat3555wtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801ssc8180x_firmwaresd710pm8008_firmwarepmr735a_firmwarepmx50sdr8250sd768gpm8004pm640lmsm8940pmk8002sd845qcs410_firmwareqpa5580qpm5579fsm10055qfe2550qcs610qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290msm8917qcs605_firmwaresd_675_firmwareqdm5671pmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwarepm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000wcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwarepm8940_firmwareqdm3301_firmwareqsm7250qcs6125sd662_firmwareqdm2308_firmwareqca6436qcs603_firmwareqpa6560sdr675_firmwarewcn3660_firmwarewcd9341pmi8952pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052smb1390qet4100qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650wgr7640qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwaresmb1351_firmwaresdx50m_firmwaresmb1395pm660lsmr526qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqsw8573qcs605wcn3910qca6426_firmwarewcn3660b_firmwareqfe4309pm8009qpa8675sdr051_firmwaresdx55mqca6421_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574pm855lqdm5670_firmwarepm7150a_firmwarepm8150b_firmwareqfe4302pmc1000h_firmwareqdm2310_firmwarepm4250_firmwaresd870pm670qdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwaresd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qet5100_firmwareqpa5373pm670l_firmwaresdr660gsd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwarepm3003awcn3680b_firmwareqca6595auqca6436_firmwaresmb1354qca6564au_firmwareqdm2305qpm8820pm8937qln5020_firmwaresa515m_firmwaresdxr2_5gsdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarear8035qpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqfe4302_firmwarewcn6850_firmwarepmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527sdx24qdm2307_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca6174aqfe4303_firmwarewcn6750qet5100m_firmwareqpm4650qtm525sa515msa2150p_firmwaresd855sm4125_firmwareqfe4305pm640psd768g_firmwaresdr865_firmwarepm8250_firmwarepm6250sd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwaremsm8920qpm8895_firmwareqcm4290sdx50mpm640asdr8150msm8920_firmwaresmb1395_firmwareqca6574ausa8155p_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqdm2308qat3550qdm5679sd_8cwcn3680bpm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sm7250psd720g_firmwareqln4640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11278
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.81%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqca8337ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwareipq8070_firmwareipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwaresmr545qca6696_firmwareqln5020wcd9371qca1062qcn5154_firmwarepmm855au_firmwaresm4350_firmwaresa8150ppm6350qdm5621qtc800sqat3514_firmwaresd660sd712pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwaresd8885gpm855l_firmwareqca6428_firmwareqtc410swcn3991qpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250qpa8803qcn9012_firmwaresdxr25g_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375ipq6028pmp8074wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwareqcn5064_firmwarepme605ipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582qcn9024_firmwareipq8174_firmwarepm8009_firmwaresd670qfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm4250ar8031qpm5577wtr2965sdm630_firmwareqca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qcn7606qpm5870wsa8830pm660qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024pmx24_firmwareqbt1500_firmwareqpm5870_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1396pm7150asd675_firmwareipq8072pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410pm7250_firmwaresdr845_firmwareqdm5620qln1021aqipq8074asmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwareqcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052sdm630qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwareqcn9074wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresmr525_firmwarepm8998wtr3925_firmwareqpm8820_firmwareqln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwareqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwaresc8180xqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555qpa5461sd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqpm5641_firmwareqca9889_firmwaresd710qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qcn5022sdr8250sd768gqca1064_firmwareqln1030_firmwarepm8004pm640lpmk8002qca8075qcn6024qcn9022sd845sd455_firmwaresdm830ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579sa6150p_firmwareqcs610qcn5550qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qcn5064csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd8csdr425_firmwaresmr526_firmwareipq8076aqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqsm7250qcs6125ipq6010sd662_firmwareqcs405rsw8577_firmwareqdm2308_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwareqca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqln4650sdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwaresd636wcn6856_firmwarepm8005_firmwareqcn5164qet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mpm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070sd8655gpm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwareqcn5121_firmwaresd8885g_firmwarepm670qdm5677pm8005ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qcn9072qet6100_firmwarepm670l_firmwaresdr660gsd455sd765g_firmwareqpa8686qca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwareqcn7605qpm5541qat5516sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhqca1064pm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa515m_firmwaresmb1398sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qet6110qln5040qca8072qcm2290_firmwareqpm8895sdr845qpm5670wcn3990qcn9000qtm527pmk8350qcn9012pm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca9889ipq8074qpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515mwtr6955sd855sm4125_firmwaresd8cxipq8076wtr6955_firmwarepm640pqcn5021qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640asdr8150smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679ipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwaresd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11653
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.26% / 79.65%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 00:00
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.

Action-Not Available
Vendor-varnish-cachevarnish-softwaren/aDebian GNU/LinuxopenSUSE
Product-varnish_cachedebian_linuxbackports_sleleapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11280
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.81%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqca9986qpm6670_firmwareipq8070_firmwareipq8065ipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareipq8068qca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwaresmr545qca6696_firmwareqln5020wcd9371qca1062qcn5154_firmwarepmm855au_firmwaresm4350_firmwareqcn5501_firmwaresa8150ppm6350qdm5621ar7420_firmwareqtc800sqat3514_firmwareqca9992_firmwaresd660sd712pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwaresd8885gpm855l_firmwareqca6428_firmwareqca9985_firmwareqtc410sipq4018_firmwarewcn3991qca9980_firmwareqpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250qpa8803qca9985qcn9012_firmwaresdxr25g_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375ipq6028ipq8064pmp8074wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwareqcn5064_firmwarepme605ipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqcs603qca9896rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqln4640_firmwareqca9980qpm5621qcn9024_firmwareipq8174_firmwarepm8009_firmwareqpm6582qfs2580_firmwaresd670qcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm4250qca9886_firmwarear8031qpm5577wtr2965qca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qcn7606qpm5870qcn5500wsa8830pm660qca9561qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024qca9563_firmwarepmx24_firmwareqbt1500_firmwareqpm5870_firmwareqca9992qcs4290pmm855auqet6100qca6420_firmwaresmb1396pm7150asd675_firmwareipq8072pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410pm7250_firmwaresdr845_firmwareqdm5620qln1021aqipq8074asmb1380qca9982pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwareqcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwareqcn9074wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694qca7550qat3514wcd9326wcd9335qca9982_firmwarepm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375sm6250_firmwarepmm8195auqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresmr525_firmwarepm8998wtr3925_firmwareqpm8820_firmwareqln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwareqca9882pmx55_firmwareqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522qca9896_firmwareipq8065_firmwarepm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwareqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqca9886qcn5502_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareqpa5461sd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwareqca9531qpm5641_firmwareqca9889_firmwaresd710qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qcn5022sdr8250sd768gqca1064_firmwareqln1030_firmwarepm8004pm640lpmk8002qca8075qcn6024qcn9022sd845sdm830ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579sa6150p_firmwareqcs610qcn5550qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqca9561_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qcn5064csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518qca9987_firmwaresd8csdr425_firmwaresmr526_firmwareipq8076aqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqca7500qsm7250ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405rsw8577_firmwareqdm2308_firmwareqca6436wcn6851qcn3018_firmwaresa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341ipq8068_firmwareqdm4643_firmwareqca6431qet4100_firmwaresd750gqca9988_firmwarewcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qca9898ipq4028qet4100qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqca7500_firmwareqln4650sdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qca7550_firmwareqdm5671_firmwareqca6564auqet5100qpa8801_firmwareqtm527_firmwarewcn6856_firmwarepm8005_firmwareqcn5164qca9558qet4101_firmwarepm7250bqln4642_firmwareqca7520_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareqet4200aq_firmwareipq4019_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6320qca9986_firmwareqca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mipq8064_firmwarepm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070sd8655gqcn5502pm7150a_firmwarepm8150b_firmwareqca9887_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwareqca9880qcn5121_firmwaresd8885g_firmwarepm670qdm5677pm8005ipq6018pm855_firmwareqcn3018qdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qca9531_firmwareqat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030qca7520pm4125qcs2290_firmwarepmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqca9987qpm4621qcn9072qca9880_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686ipq8069_firmwareqca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwareqcn7605qpm5541qat5516qca9563sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhqca1064pm3003aqca6320_firmwareqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa515m_firmwareqca9990smb1398qcn5501sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673ipq4019qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qca9988qet6110qln5040qca8072qcm2290_firmwareqpm8895sdr845qpm5670wcn3990qcn9000qtm527ar9380_firmwarepmk8350qcn9012qca9558_firmwarepm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresm6250ppm855asdr660_firmwareipq4018qca6574asmb1390_firmwareqca9889qca6174aipq8074qca9994_firmwareqpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515mar7420wtr6955sd855sm4125_firmwaresd8cxipq8076wtr6955_firmwareqca9887pm640pqcn5021ipq8069qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640aqca9882_firmwaresdr8150smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqcn5500_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679ipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareqca9990_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwareipq4029sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11296
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.35%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqpm5679_firmwarepmd9607_firmwareqca1023qfs2530qpm8870_firmwareqln1030pm6125mdm9645msm8992_firmwarewcn3950_firmwarepm8150aqdm5670qpm5541_firmwareqpa5581_firmwareqpa8821mdm8215qcs6125_firmwarepm456_firmwaresa415mwcn3998wcd9371_firmwarewcn3950mdm9206_firmwareqsw8573_firmwarewcn3660bqsm8350_firmwareqsm8350smb2351_firmwarepm855pwtr4605_firmwarepm6150aqca9367_firmwareipq8072_firmwaresa8155_firmwareipq8068qat3522qfe4455fcpmr735asdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020qca1062mdm8215_firmwarepmm855au_firmwaresd_8cxpmm8920ausa8150pqfe3340sd660sd712pm640p_firmwareqcn5121pm6150lpm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwareqca4531_firmwareqfe3335_firmwareqpa8801ipq8078qat5533_firmwareipq8173sdx55m_firmwareqpa8673_firmwaresd670_firmwareqfs2630pmm8996auqpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250wtr4905sdx24_firmwareqcn9012_firmwareqdm2301qca9890_firmwareqfe2101_firmwareqca6584_firmwareqdm5621_firmwareqpm6375sd_8c_firmwareipq6028ipq8064pmp8074qca1990wcn3980_firmwaresd730qfe3320_firmwarepm8008pm8350b_firmwaremdm9225pme605_firmwarepme605apq8064au_firmwaremdm9225mipq8078_firmwareqcn5054qln1021aq_firmwareqcs603qca6164_firmwareqln4640_firmwareqca9980qpm6582qcn9024_firmwareqcs610_firmwareapq8084_firmwareqca9886_firmwarear8031wtr2965qca6164qca6391_firmwarepmx20_firmwareqca4024qat3516_firmwareapq8053qcn5021_firmwareqca9379pm855bsmb2351qpa5581qfe1040_firmwarecsrb31024qca9563_firmwaremdm9628_firmwaremdm9650qbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmd9635_firmwareapq8009_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6426qca9984_firmwareqca9377qpm5641sdxr2_5g_firmwarewtr2955rgr7640au_firmwarepm7250_firmwareqdm5620ipq8074aqca9982qcn5122_firmwareqat5533qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584aupm855pm8250qcn5052mdm9235m_firmwaremdm9607_firmwaremdm9655_firmwareqfs2530_firmwaresa415m_firmwareqat3519_firmwareqpm5677qat5515qca9982_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620mdm9625sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8994ipq5010_firmwareipq8074a_firmwaremdm9625msd888_5g_firmwaresmr525_firmwarewsa8815_firmwareqpm8820_firmwareapq8017qpm6621_firmwaremdm9630_firmwarewtr2955_firmwareqbt1000_firmwarepm8019qca6595smb1398_firmwareqca9896_firmwareipq8065_firmwarepm8150cpmr735bsd665_firmwareqcn5154qpm5577_firmwareqdm5679_firmwareqca6310_firmwareapq8094_firmwarepm6150l_firmwaremdm9615qca6574_firmwaresd665pm6150a_firmwarepmd9607mdm9310wtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqipq6028_firmwareipq8072a_firmwareqca9889_firmwaresd710mdm9607mdm9645_firmwareqln1035bd_firmwaresdx20m_firmwareqca6564_firmwareqca1064_firmwaresmb1350_firmwarepmk8002apq8096au_firmwareqcn9022sdm830smb1357qpa5580pm8018_firmwareqpm5579qfe2550qcn5550qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareipq8078asa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwareqln1020csra6640_firmwarepmc1000hqat3518smr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqca4020qca6428qdm5652qcn5164_firmwareipq8071sa6155_firmwarewcd9360sdx20mqca6438_firmwareqpa8675_firmwarewtr1625lqpa5460_firmwarewcn3999qsm7250pm8996ipq4029_firmwareipq6010sd662_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareipq8068_firmwarepmi8952mdm9655qca6431wcn3910_firmwareqfe1922sd855_firmwareqdm5650qfe2080fcsdr052sa8195p_firmwaresmb1390qca9898ipq4028qpa8686_firmwarewcd9380_firmwareqca7500_firmwarewgr7640csr6030qat5568qdm5671_firmwareqpa8801_firmwareqtm527_firmwarepm8005_firmwareqca9558pm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareipq4019_firmwaresmb358sar8151smr526qca8072_firmwareqca6174pmk8003qca6430_firmwareqtc801s_firmwareqat3522_firmwarewcn3980qsw8573qcs605qbt1000mdm9225_firmwaresd7cwcn3910qca6426_firmwarepm8350_firmwarepm8009ipq8064_firmwareqat3518_firmwaresd821_firmwarepmi8998qfe2520ar8031_firmwarepm855lpmd9635pm8150b_firmwaresd_636_firmwaresmr545_firmwareqca9880pm670sd210_firmwarepm8005qdm2302sdxr1apq8096auqcs405_firmwarepmi8996_firmwareqln4650_firmwareqet5100mqca9378a_firmwarepm8952qca9531_firmwareqat3516qpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcqcn9070pmi632qca9378pm8350bh_firmwarepmr735b_firmwaresmb1360_firmwareqca9880_firmwarepm670l_firmwaresdr660gqfe2340ipq8069_firmwaresd730_firmwarewcd9370sdr425qcn9000_firmwareipq5018qca9369ar8151_firmwaresd_8cx_firmwareqpm5541qat5516qcn5124_firmwarepm8350bhqca6320_firmwarewcn3680b_firmwareqca6595auipq5010qdm2305sa6155p_firmwareqca6310pm8937qpm2630qca9990sdxr2_5gsmb1398msm8994_firmwaresa6145p_firmwaresdr675ipq8071aipq8071a_firmwarewcd9385qat3550_firmwareqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwarepm8952_firmwaresd820smb1396_firmwarecsr6030_firmwaresmr546pmx24qfe1055qca8072qln5040qpm8895sdr845qtm527qfe3440fc_firmwarepmk8350qca9558_firmwaremsm8996aupm8994_firmwareqfe1035qpm5657_firmwaresd888_5gsm6250pqln1035bdpm855asdr660_firmwarepm8909_firmwareipq4018qca6574aqpm4640mdm9635mqet5100m_firmwareipq8076_firmwareqpm4650sa515mipq8076qfe1922_firmwareqca9887qca9378_firmwaresdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaremdm9626pm660asdx50mpm640apm8916qdm4650ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310qcm6125qpm2630_firmwaresmb231_firmwareqdm2308qat3550wcn6856sd835_firmwareqtc800s_firmwaresa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareqpm4621_firmwareqca9896ipq4029sd850qln4640qfs2580mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqfe4455fc_firmwareqca8337ar9380ipq8173_firmwareqfs2608_firmwareqpa8688qcn5124qat5522_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155pm7150lpm8998_firmwaresd_455_firmwareapq8076wtr5975_firmwareqpa5580_firmwareqcn6024_firmwaresd720gsm4125wtr1605pmm8920au_firmwareqsw8574_firmwaresd460_firmwaremdm9230_firmwarepm8953_firmwareqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareqca6420apq8053_firmwareqpm6670_firmwareipq8070_firmwareipq8065ipq8078a_firmwarepm660_firmwarepm8150bqca0000qfe2101qca6430wcd9340mdm9625_firmwaresmb1358qca9888_firmwarewcd9371smb1350qfe1055_firmwareqcn5154_firmwaresm4350_firmwarewtr3950pm6350qdm5621qtc800sqat3514_firmwaremdm9330_firmwareqca9992_firmwaresd865_5g_firmwaresd660_firmwareqcn5022_firmwareqcn7606_firmwareqat5516_firmwarewcn3991qca9980_firmwarepm8150l_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qcs410qfe3100_firmwareqca9379_firmwareqpa8803pmd9645ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm2301_firmwaremdm9215_firmwaresd835pm660l_firmwarepm6250_firmwareqtm525_firmwareqcn5064_firmwareqca9890qpm5621_firmwareqca6234rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqpm5621sd670ipq8174_firmwarepm8009_firmwareqfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwarepm4250qca1023_firmwareqpm5577sdm630_firmwaresd820_firmwarepm8150wcd9370_firmwaresdx55csra6640qat3555_firmwarepmi8994qpa8803_firmwareqca6234_firmwareqln1031qcn7606qpm5870pm8909qfe1040wsa8830pm660qca9561qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qfe2340_firmwaresd_636pmx24_firmwareqca9378aqca9992pmm855aumdm9250qca6420_firmwaresmb1396pm7150apm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwarewcn3990_firmwareqca4531wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareapq8094qsw6310_firmwaresa8155qca6584qdm4650_firmwareqln1031_firmwarepmm6155au_firmwaresdx55_firmwarewcn3615qfe1952qpm4641qat5515_firmwareipq8174qpm8830_firmwareqca9367qfe2082fc_firmwareapq8092sdm630qdm4643wcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwaresa8195psdr735_firmwarepm8953qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqpm4630qca6390qca9898_firmwarewcd9375msm8976sc8180x\+sdx55_firmwareqpm5677_firmwareapq8092_firmwaresdx20_firmwarewtr3925_firmwarepm8998qln1020_firmwaremdm9235mpm670a_firmwareqcm6125_firmwareqca9882wtr1625l_firmwarepmx55_firmwaresd865_5gpm8150_firmwareqpm8830pmm8996au_firmwareqat5522qca9369_firmwareqpa4360pmk8003_firmwareqca8075_firmwareqpa4361ipq6005_firmwaremdm9206qpm4640_firmwarewcn6855_firmwarepm8350csmr525qca9888ipq8070a_firmwarepmr525pm8150a_firmwarewtr3950_firmwareqca9886qln1036aq_firmwarepm6150_firmwareqca6175asd765wtr3925lpmx20qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcpm670_firmwareqtc801smdm9626_firmwareqca9531qpm5641_firmwareqfe3320qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50pm8018qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepm8004pm640lqca8075qcn6024sd845mdm9615_firmwareipq6000_firmwareqcs410_firmwaremdm9330qca6175a_firmwaresa6150p_firmwareqcs610pmi8996qpm5620_firmwareqfe1045qca9561_firmwareqca4024_firmwarepm855a_firmwareqtc800hqcs2290qca6335qcs605_firmwaresd_675_firmwaresmr546_firmwarewtr3905qdm5671qfe2330qpm4650_firmwaresdr425_firmwaremdm9628qpa5460qdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000pmx50_firmwarewhs9410_firmwaresdr735gqdm3301_firmwareqca7500qcs6125smb1360qcs405qca1990_firmwareqfe3440fcrsw8577_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwarepm8937_firmwareqet4100_firmwaresd750gqpm5657wtr1605_firmwareqpm5875_firmwarewsa8830_firmwarewcn3988qca6438wtr3925qet4100wcn3610mdm9640ipq5018_firmwareqpm6585qca8337_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330ipq8076a_firmwareqet5100mdm9225m_firmwareqca6564auwcn6856_firmwareqcn5164pm8994qet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmb358s_firmwarewtr5975wcd9335_firmwareqcn5052_firmwareqca6335_firmwareqca6320mdm9650_firmwarewcn3660b_firmwareqca9984qcn9024qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwarepm670aqca6421_firmwarewtr3905_firmwareqsw8574wcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwareqca9887_firmwarewtr3925l_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwarepmd9645_firmwareqcn5121_firmwareqdm5677ipq6018pm855_firmwarepmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqpm5875sa8155psd675wtr4605qet4101pm670lqfe2330_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarecsra6620qet5100_firmwareqfe1100_firmwareqpm4621qcn9072qet6100_firmwaresd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareipq6000qca6174_firmwareqcn5152_firmwareqca0000_firmwarepmr525_firmwareqca6584au_firmwareapq8076_firmwareqfe3340_firmwarepmi632_firmwareqcn7605qca9563sd662qpa8821_firmwareqfe1952_firmwaresdr660g_firmwareqca1064pm3003awcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqpm8820qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821msm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qfe1100sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwareqpm6325_firmwareqdm2302_firmwarepmm8155aucsr8811qpa8673ipq4019sd210wcn6850_firmwarewsa8835_firmwareqca6564aqet6110pmi8952_firmwareqcm2290_firmwaremdm9635m_firmwareqpm5670wcn3990qcn9000sd_675mdm9625m_firmwarear9380_firmwaresdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835rgr7640aupm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074qca9994_firmwarepm8956_firmwareqtm525wtr6955qfe3335sd855sm4125_firmwarewtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresmb1351smb1357_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwareqpa4340qfe1035_firmwareqcm4290qca9882_firmwaresdr8150sdx20smb1395_firmwaremdm9215sd_455pmd9655wcd9341_firmwarewsa8810qtc410s_firmwareqat5568_firmwarewtr4905_firmwareqdm5679sd_8cwcn3680bipq6010_firmwarepm3003a_firmwareqca6696sm4350sd845_firmwaresmb1381_firmwareqpa2625qca9990_firmwareipq8071_firmwareqcn9074_firmwarepm8956pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11135
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.81%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, Kamorta, MSM8917, MSM8953, Nicobar, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcm2150_firmwaremsm8953sdm450sdm636_firmwaresdm632_firmwareapq8098_firmwaresdm450_firmwaresdm632qcm2150sdm660sdm439sdm630sm8250_firmwaresdm429sm7150_firmwaresa8155p_firmwareqm215sdm710sm6150sdm710_firmwaresm7150msm8917sa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwaresdm439_firmwaresdm636rennellsdm630_firmwareapq8098rennell_firmwareqm215_firmwareqcs605msm8953_firmwaresa8155psaipan_firmwaresm6150_firmwaremsm8917_firmwaresdm429_firmwaresm8250sm8150sxr1130_firmwarekamortanicobar_firmwaresaipansxr1130sdm660_firmwarenicobarSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11274
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.81%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwarefsm10055qpm5679_firmwaresm6250p_firmwareqcs610qpm5620_firmwareqca8337qdm2307qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarepm855a_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qtc800hqdm5670sdr8250_firmwareqca6595au_firmwareqpa5581_firmwarepm7150lqpa8821pm8998_firmwareqdm5671pmc1000hqpm4650_firmwareqcs6125_firmwareqat3518sd8cpm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwaresmr526_firmwarewcn3950sd720gpm640a_firmwareqsw8573_firmwareqdm2305_firmwareqpm5670_firmwareqsw8574_firmwaresmb2351_firmwareqdm5652sd6905gqpa4360_firmwareqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420wcd9360pm6150aqpm6670_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250qcs6125sa8155_firmwareqca6430qat3522pmr735awcd9340sd765gqdm2308_firmwarefsm10056_firmwaresdr660qca6436wcn6851qpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341qdm4643_firmwareqca6431qca6696_firmwareqln5020wcd9371sd870_firmwareqet4100_firmwaresd750gpmm855au_firmwarewcn3910_firmwareqpm5657pm6350qdm5621qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988pm640p_firmwaresdr052smb1390qat5516_firmwarepm6150lsd8885gpm855l_firmwareqet4100qpa8686_firmwareqpm6585qtc410swcn3991qca8337_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwareqat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarewcn6856_firmwarepm8005_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwareqln4640qcs410smb1380_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735pm7250smb1395qpa8803sdx24_firmwaresmr526qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwaresdxr25g_firmwareqdm2301qsw8573wcd9340_firmwarewsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwarepm8009wcn3980_firmwareqpa8675sd730sdr051_firmwaresdx55mpm6250_firmwareqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwaresd678_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwareqln4640_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582pmc1000h_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd480sd870wcn6855sd8885g_firmwarepm8150lpmi8998_firmwareqcs610_firmwareqdm5677pm8005pm855_firmwareqdm2302pmx60_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarepm640l_firmwarepm8150wcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msa8155psd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bsmb2351qln1031qpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830sd678sdr051qet6110_firmwareqln5030pm6125_firmwareqbt1500fsm10056qpa5581pmi632qpa2625_firmwarepm456csrb31024pm8350bh_firmwarepmr735b_firmwarepmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqet5100_firmwareqpm4621qet6100_firmwareqet6100pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwarepmr525_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377qpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwarewhs9410qat5516pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380qpa8821_firmwarepm8350bhpmk8002_firmwareqsw6310_firmwarepm3003asa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwareqca6436_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6564au_firmwareqca6584auqdm2305qpm8820qpm4641qat5515_firmwareqln5020_firmwaresa515m_firmwarepm855qpm8830_firmwarepm8250smb1398qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwarewcn3988_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwarepm8004_firmwareqca6174a_firmwaresdr8150_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqpm5620qat3550_firmwareqln5040_firmwareqpm4630qca6390wcd9375sd750g_firmwareaqt1000qpa8673sc8180x\+sdx55_firmwaresm6250_firmwareqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarepm8998wcn6850_firmwarewsa8835_firmwareqpm8820_firmwareqpm6621_firmwarepmx24qcm6125_firmwareqet6110qln5040qpm8895sdr845qpm5670wcn3990pmx55_firmwareqtm527pmk8350pm8150_firmwaresdx24smb1398_firmwareqpm8830pm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bsd665_firmwareqpm5657_firmwaresm6250pqpa4360pm855apmk8003_firmwaresdr660_firmwareqpa4361qca6574aqpm4640_firmwarewcn6855_firmwaresmb1390_firmwareqdm5679_firmwareqca6174apm8350csmr525qpm4640pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525sa515mqln1036aq_firmwaresd855sd8cxsd665pm6150a_firmwarepm6150_firmwaresd765pm640pqca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwarepmx60qca6391sd8cx_firmwaresmb1351qpa5461aqt1000_firmwaresd8c_firmwareqpm8895_firmwarecsrb31024_firmwaresdx50mpm640aqfs2608sdr8150sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqdm4650qca6574auqpm5641_firmwaresa8155p_firmwareqsw6310pm8008_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125qpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwareqdm2308pmx50qat3550wcn6856qdm5679sdr8250sd768gpm3003a_firmwareqca6696smb1381_firmwaresd845_firmwarepm8004pm640lpmk8002qpa2625sd845sm7250psd720g_firmwareqpm4621_firmwareqcs410_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2025-32096
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.04% / 11.01%
||
7 Day CHG-0.11%
Published-25 Dec, 2025 | 00:00
Updated-05 Jan, 2026 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service.

Action-Not Available
Vendor-pexipPexip
Product-pexip_infinityInfinity
CWE ID-CWE-617
Reachable Assertion
CVE-2018-15822
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.53% / 81.52%
||
7 Day CHG~0.00%
Published-23 Aug, 2018 | 22:00
Updated-05 Aug, 2024 | 10:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxFFmpeg
Product-ubuntu_linuxffmpegdebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-32095
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.27%
||
7 Day CHG-0.30%
Published-25 Dec, 2025 | 00:00
Updated-05 Jan, 2026 | 19:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service.

Action-Not Available
Vendor-pexipPexip
Product-pexip_infinityInfinity
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30332
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.35%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwaresd780gqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55mwcn6740_firmwaresd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarewcn6740qca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2024-42645
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.52%
||
7 Day CHG~0.00%
Published-29 Jul, 2025 | 00:00
Updated-06 Aug, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in FlashMQ v1.14.0 allows attackers to cause an assertion failure via sending a crafted retain message, leading to a Denial of Service (DoS).

Action-Not Available
Vendor-flashmqn/a
Product-flashmqn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-42644
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.84%
||
7 Day CHG~0.00%
Published-29 Jul, 2025 | 00:00
Updated-06 Aug, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0.

Action-Not Available
Vendor-flashmqn/a
Product-flashmqn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30328
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.81%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwareqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwareqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815wcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwarewcd9375_firmwareqca6595auqca8081_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55msdx65_firmwaresa515m_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574auwsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwaresd750gsd870_firmwareqca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375wcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6476
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-1.27% / 79.72%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 19:17
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
An error in QNAME minimization code can cause BIND to exit with an assertion failure

A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2025-27073
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.49%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:26
Updated-20 Aug, 2025 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in WLAN Firmware

Transient DOS while creating NDP instance.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8735_firmwareqca6574ssg2115p_firmwaresm8750p_firmwareqcn9002sa7255pqcn9100sa7775pqam8650p_firmwareqcn5152_firmwarewcd9395sxr2330pwsa8845h_firmwareqca8084_firmwarewcd9378qca8082_firmwareqca6595_firmwareqca6678aqqcc2073_firmwaresnapdragon_865_5g_mobile_platform_firmwareipq9008wsa8835_firmwareqca6698aq_firmwareqcn6024snapdragon_ar2_gen_1_platformsnapdragon_8_gen_3_mobile_platformsm7635qca6426qamsrv1h_firmwarewcn6450qca6574a_firmwareqca8085_firmwaresxr2230p_firmwarecsr8811immersive_home_318_platformsxr2250p_firmwareipq8072asg8275pwcd9370qfw7124snapdragon_865_5g_mobile_platformsg8275p_firmwareqca8337immersive_home_318_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformqca6436_firmwarewcn7861snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarefastconnect_6800_firmwareqcn6132_firmwarewsa8815_firmwareipq8072a_firmwarewsa8845_firmwareqca6391_firmwareipq6000_firmwareqcc2073wcd9375sd_8_gen1_5gipq5028qcn5024ipq8078_firmwareqcn6274_firmwareqcn5124_firmwareqca6564auqcn5164snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwareipq8076_firmwareqcn5154_firmwareqcn5122qcc2076_firmwareqca6574ausnapdragon_x75_5g_modem-rf_systemqcn5052_firmwareqcn9074_firmwareqca6584au_firmwareqamsrv1m_firmwareipq6028ipq8070a_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)sa9000pqcn9100_firmwaresm8750pqcn5024_firmwaresnapdragon_ar1_gen_1_platform_firmwaresm7675qca6688aqwcn7750qca6787aq_firmwareipq6010_firmwareqca6554a_firmwareqca6584ausc8380xpipq6018qmp1000qca8075_firmwareqam8255p_firmwareqcn9011ipq5010_firmwareqca6787aqqca6688aq_firmwareqca8085wcd9380_firmwaresd_8_gen1_5g_firmwareqca6574aqca6797aq_firmwarewsa8830_firmwareipq8174_firmwarewsa8832_firmwareqcs8550qcs8550_firmwaressg2125pimmersive_home_214_platformsnapdragon_xr2_5g_platformqcm8550qcn6023qcm8550_firmwarewsa8835qcn5054_firmwareqcn9001_firmwareqcn5022_firmwareqca8081_firmwarefastconnect_6800ipq8078qca6426_firmwareqcn6224wcn7860sa8620p_firmwaresd865_5g_firmwareqca6595au_firmwarewcd9385_firmwareqca6696_firmwarewcn6740qca8072immersive_home_216_platform_firmwarewcd9370_firmwaresm8650q_firmwareqcn5154wsa8815sm8750_firmwarewsa8845hqca6574au_firmwareqca6595ausa8255pwcn6755sa7775p_firmwarewcd9390_firmwarewsa8810snapdragon_x75_5g_modem-rf_system_firmwarewcn6650qcn5054ipq6000snapdragon_ar1_gen_1_platform_\"luna1\"ipq9008_firmwareipq9574sa8775p_firmwaresrv1h_firmwareqcn9074qca9889fastconnect_7800_firmwareimmersive_home_214_platform_firmwareqca8081wcd9340_firmwareipq9574_firmwareqcn5022qca8386sm6650p_firmwaresm8735qca9889_firmwaresm8650qqcn9024wcn7881sm8635pipq6028_firmwareqmp1000_firmwaressg2115pipq6018_firmwareqcn9000wcn6755_firmwareqcn6224_firmwareqam8255pwcn7880_firmwaresnapdragon_ar1_gen_1_platformsm8635p_firmwareqam8775p_firmwarewsa8810_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqca6678aq_firmwareqca6696sm8550pqcc710sm8750qcn9274_firmwareqca6391qam8775psm6650_firmwareqca6554aqcn9022_firmwaresnapdragon_ar2_gen_1_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcn6122qca6777aq_firmwaresnapdragon_xr2_5g_platform_firmwaresxr2250pqcn6122_firmwarewsa8840_firmwarewcn7861_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaressg2125p_firmwareqcc710_firmwaresa8620psxr2330p_firmwaresm8550p_firmwareimmersive_home_316_platformipq8078a_firmwareipq5028_firmwarewcd9380fastconnect_6900_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresrv1m_firmwareqcn9022immersive_home_216_platformqam8650psm7675_firmwaresxr1230p_firmwareqca8082sm7675pipq9554_firmwareipq8076a_firmwareqamsrv1hsnapdragon_8_gen_1_mobile_platformqca6777aqqamsrv1mipq8076aqcn5122_firmwaresxr2230pqcn9001qca8072_firmwareqca8084qca8075sm7675p_firmwaresa9000p_firmwareipq9570sm8635_firmwareqcc2076qcn5164_firmwareqcn9000_firmwareipq9570_firmwarear8035ipq8074a_firmwarewcd9395_firmwaresnapdragon_ar1_gen_1_platform_\"luna1\"_firmwarewcn6740_firmwarewcd9375_firmwaresm6650sa8255p_firmwarear8035_firmwareimmersive_home_316_platform_firmwareqcn9072ipq8071awsa8845wsa8840sa8775pfastconnect_7800srv1hqcn9070snapdragon_8_gen_3_mobile_platform_firmwareqca8337_firmwarewsa8832wsa8830snapdragon_8_gen_2_mobile_platformipq6010srv1mipq8070asxr1230pwcd9385qcn5124snapdragon_auto_5g_modem-rf_gen_2wcn6650_firmwaresa8650p_firmwarecsr8811_firmwareqcn9002_firmwaresnapdragon_x72_5g_modem-rf_systemqcn9003qca9888qca6436sa7255p_firmwareqca8386_firmwareipq8173_firmwarewcn7860_firmwaresm8635sc8380xp_firmwareipq8173qcn9012qca6797aqsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)qcn6274wcn7881_firmwareqfw7114sm6650pqfw7114_firmwarewcd9340wcd9390qca4024_firmwareqca9888_firmwaresa8770p_firmwareipq8078asnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6564au_firmwaresd865_5gqca6595wcn7880wcn6450_firmwareqcn6024_firmwareipq8071a_firmwareipq8074aqca4024fastconnect_6900qcn9024_firmwareqcn5152qcn9070_firmwareqcn6023_firmwareqcn9274ipq8076qcn9003_firmwareqcn9011_firmwaresa8650pipq8174sa8770pqcn5052wcd9378_firmwareqca6574_firmwareqcn6132qca6698aqipq9554qfw7124_firmwaresm7635_firmwareqcn9012_firmwareipq5010qcn9072_firmwarewcn7750_firmwareSnapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2020-8617
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-92.63% / 99.75%
||
7 Day CHG~0.00%
Published-19 May, 2020 | 14:05
Updated-16 Sep, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.

Action-Not Available
Vendor-Debian GNU/LinuxCanonical Ltd.openSUSEFedora ProjectInternet Systems Consortium, Inc.
Product-ubuntu_linuxdebian_linuxfedorabindleapBIND9
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6469
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-1.06% / 77.86%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 14:17
Updated-17 Sep, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIND Supported Preview Edition can exit with an assertion failure if ECS is in use

An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9 Supported Preview Edition
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6468
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.3||MEDIUM
EPSS-1.06% / 77.86%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 14:17
Updated-16 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9 Supported Preview Edition
CWE ID-CWE-617
Reachable Assertion
CVE-2020-8621
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-4.88% / 89.69%
||
7 Day CHG~0.00%
Published-21 Aug, 2020 | 20:50
Updated-16 Sep, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.

Action-Not Available
Vendor-Canonical Ltd.openSUSEInternet Systems Consortium, Inc.NetApp, Inc.Synology, Inc.
Product-ubuntu_linuxdns_serverbindleapsteelstore_cloud_integrated_storageBIND9
CWE ID-CWE-617
Reachable Assertion
CVE-2023-27783
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.30% / 79.98%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-tcpreplayn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-25037
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.03% / 77.53%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 05:17
Updated-19 Nov, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

Action-Not Available
Vendor-nlnetlabsn/aDebian GNU/Linux
Product-unbounddebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-25036
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.02% / 77.47%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 05:17
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

Action-Not Available
Vendor-nlnetlabsn/aDebian GNU/Linux
Product-unbounddebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-27789
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.90%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-tcpreplayn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-18844
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.54% / 67.74%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 19:12
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion failure) within pci core. This is fixed in 1.2. 6199e653418e is a mitigation for pre-1.1 versions, whereas 2b3dedfb9ba1 is a mitigation for 1.1.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-acrnn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-27788
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.35% / 57.85%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-tcpreplayn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-39949
Matching Score-4
Assigner-Dahua Technologies
ShareView Details
Matching Score-4
Assigner-Dahua Technologies
CVSS Score-7.5||HIGH
EPSS-0.53% / 67.20%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 03:42
Updated-30 Sep, 2025 | 11:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Dahua products.Ā Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.

Action-Not Available
Vendor-Dahua Technology Co., Ltd
Product-nvr4432-16p-4ks2\/i_firmwarenvr4208-8p-4ks3nvr4208-8p-4ks2\/l_firmwarenvr4232-4ks2\/l_firmwarenvr4108-4ks3nvr4108-4ks2\/lnvr4204-p-4ks2\/l_firmwarenvr4108hs-4ks3_firmwarenvr4232-4ks3nvr4232-16p-4ks3_firmwarenvr4232-16p-4ks3nvr4104-4ks3_firmwarenvr4816-16p-4ks2\/i_firmwarenvr4108-4ks2\/l_firmwarenvr4108-8p-4ks2\/l_firmwarenvr4104hs-p-4ks3nvr4216-4ks2\/lnvr4116hs-8p-4ks3_firmwarenvr4416-4ks2\/invr4816-16p-4ks2\/invr4104hs-4ks2\/l_firmwarenvr4108-8p-4ks3_firmwarenvr4204-p-4ks2\/lnvr4104hs-p-4ks3\(960g\)nvr4416-4ks2\/i_firmwarenvr4104-4ks3nvr4832-4ks2\/i_firmwarenvr4104-p-4ks3nvr4232-16p-4ks2\/lnvr4108-p-4ks3nvr4108-4ks3_firmwarenvr4108hs-4ks2\/lnvr4204-4ks3_firmwarenvr4204-4ks2\/lnvr4108hs-4ks2\/l_firmwarenvr4232-16p-4ks2\/l_firmwarenvr4108hs-8p-4ks3_firmwarenvr4832-16p-4ks2\/i_firmwarenvr4216-16p-4ks3_firmwarenvr4116hs-8p-4ks2\/lnvr4108hs-p-4ks2\/lnvr4104-p-4ks2\/lnvr4104hs-p-4ks3_firmwarenvr4104-p-4ks3_firmwarenvr4432-4ks2\/invr4208-4ks3nvr4208-4ks2\/l_firmwarenvr4208-8p-4ks3_firmwarenvr4104-4ks2\/l_firmwarenvr4204-p-4ks3_firmwarenvr4204-p-4ks3nvr4108hs-8p-4ks2\/lnvr4116-4ks3nvr4104hs-4ks2\/lnvr4108hs-4ks3\(960g\)nvr4104-p-4ks3\(960g\)nvr4216-4ks3nvr4104hs-4ks3\(960g\)_firmwarenvr4432-16p-4ks2\/invr4216-4ks3_firmwarenvr4232-4ks2\/lnvr4816-4ks2\/i_firmwarenvr4108hs-p-4ks3nvr4208-4ks2\/lnvr4116hs-4ks3nvr4816-4ks2\/invr4108-8p-4ks3nvr4108-p-4ks2\/l_firmwarenvr4216-16p-4ks2\/lnvr4416-16p-4ks2\/i_firmwarenvr4108hs-4ks3nvr4116-4ks2\/l_firmwarenvr4204-4ks2\/l_firmwarenvr4104hs-4ks3nvr4116hs-8p-4ks3nvr4104hs-p-4ks3\(960g\)_firmwarenvr4108hs-4ks3\(960g\)_firmwarenvr4108-p-4ks2\/lnvr4104-4ks2\/lnvr4116-8p-4ks3_firmwarenvr4208-8p-4ks2\/lnvr4116hs-4ks2\/lnvr4216-16p-4ks3nvr4116-8p-4ks3nvr4432-4ks2\/i_firmwarenvr4208-4ks3_firmwarenvr4832-16p-4ks2\/invr4108hs-8p-4ks3nvr4108hs-p-4ks2\/l_firmwarenvr4104-p-4ks3\(960g\)_firmwarenvr4104hs-4ks3\(960g\)nvr4104hs-p-4ks2\/lnvr4216-4ks2\/l_firmwarenvr4116-4ks2\/lnvr4116-8p-4ks2\/lnvr4108-8p-4ks2\/lnvr4116hs-8p-4ks2\/l_firmwarenvr4216-16p-4ks2\/l_firmwarenvr4232-4ks3_firmwarenvr4116hs-4ks3_firmwarenvr4104-p-4ks2\/l_firmwarenvr4108hs-8p-4ks2\/l_firmwarenvr4116-4ks3_firmwarenvr4116hs-4ks2\/l_firmwarenvr4108hs-p-4ks3_firmwarenvr4832-4ks2\/invr4116-8p-4ks2\/l_firmwarenvr4104hs-p-4ks2\/l_firmwarenvr4416-16p-4ks2\/invr4104hs-4ks3_firmwarenvr4204-4ks3nvr4108-p-4ks3_firmwareNVR4XXXnvr4xxx_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13752
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.01% / 77.35%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aJasPerFedora Project
Product-jasperfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-3651
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.81%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Active command timeout since WM status change cmd is not removed from active queue if peer sends multiple deauth frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCM2150, QCN7605, QCS605, QM215, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqcm2150_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaremsm8917qcs605_firmwaresc8180xmdm9206qca9379_firmwareqca6174asdx24_firmwaresdm636qca9377qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwaresdx20qcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660sc8180x_firmwareqca6574auqm215mdm9607apq8017_firmwareqcn7605_firmwaremsm8937mdm9207c_firmwaremsm8905mdm9207cqca6174a_firmwaresm8150_firmwareapq8096ausdm439_firmwaresdm630_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940apq8053apq8096au_firmwaremsm8917_firmwaresm8150sdx20_firmwareapq8017qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2020-3645
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.93%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, QCS605, Rennell, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresdm845qcs404_firmwaresc8180x_firmwareqcs405sm7150_firmwareipq8074_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150qca6390_firmwareqcn7605_firmwaresdm670qca8081sxr2130sc8180xqcs605_firmwareipq6018sdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwareipq8074qcs405_firmwarerennellsc7180sda845_firmwareqcn7605rennell_firmwareqca6390ipq6018_firmwareqcs605sm6150_firmwaresm8150sdm850sxr1130_firmwarekamortaqca8081_firmwarenicobar_firmwaresxr1130sda845nicobarsdm845_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2020-36230
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.55% / 87.84%
||
7 Day CHG~0.00%
Published-25 Jan, 2021 | 09:43
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.

Action-Not Available
Vendor-openldapn/aThe Apache Software FoundationApple Inc.Debian GNU/Linux
Product-debian_linuxbookkeepermac_os_xopenldapmacosn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2026-4046
Matching Score-4
Assigner-GNU C Library
ShareView Details
Matching Score-4
Assigner-GNU C Library
CVSS Score-7.5||HIGH
EPSS-0.08% / 23.54%
||
7 Day CHG+0.01%
Published-30 Mar, 2026 | 17:16
Updated-20 Apr, 2026 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iconv crash due to assertion failure with untrusted input

The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.

Action-Not Available
Vendor-The GNU C LibraryGNU
Product-glibcglibc
CWE ID-CWE-617
Reachable Assertion
CVE-2011-3596
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-13.88% / 94.39%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 23:53
Updated-06 Aug, 2024 | 23:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.

Action-Not Available
Vendor-polipo_projectpolipoDebian GNU/Linux
Product-debian_linuxpolipopolipo
CWE ID-CWE-617
Reachable Assertion
CVE-2019-10894
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.65% / 94.07%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 03:50
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/LinuxCanonical Ltd.Fedora ProjectopenSUSE
Product-ubuntu_linuxdebian_linuxfedorawiresharkleapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-21452
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.04% / 12.20%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:25
Updated-20 Aug, 2025 | 19:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqca6421_firmwaresm7325p_firmwarewsa8810_firmwareqcm5430_firmwaresdx57mfastconnect_6700wcd9395qca6431_firmwareqca6696snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmwaresdx55_firmwaresnapdragon_auto_5g_modem-rfqca6391qca6174a_firmwarewcd9378sm6650_firmwaresnapdragon_865_5g_mobile_platform_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)wsa8835_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6698aq_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)qcm6490_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwaresm7635wcn7861_firmwareqca6426wcn6450qcs6490qca6574a_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_865_5g_mobile_platformwcd9370snapdragon_690_5g_mobile_platform_firmwaresd855snapdragon_780g_5g_mobile_platform_firmwareqca8337qca6436_firmwareqcm5430wcn7861snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarewcd9380snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwarefastconnect_6800_firmwarewsa8815_firmwarefastconnect_6900_firmwareqca6391_firmwarewcd9375snapdragon_780g_5g_mobile_platformsnapdragon_782g_mobile_platform_\(sm7325-af\)qcs5430_firmwaresnapdragon_480_5g_mobile_platformsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwaresnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwaresdx57m_firmwareqca6574au315_5g_iot_modem_firmwarewcn3988qcm6490snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)wcd9360sdx55snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)ar8035sm6370snapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwaresnapdragon_855_mobile_platform_firmwarewcd9380_firmwarefastconnect_6200_firmwarewcd9395_firmwarefastconnect_6200snapdragon_x35_5g_modem-rf_systemqca6574asnapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)wcn6740_firmwarewsa8830_firmwarewcd9375_firmwaresnapdragon_4_gen_1_mobile_platformsm6650ar8035_firmwarewsa8832_firmwareqcs5430snapdragon_xr2_5g_platformwsa8835sxr2130315_5g_iot_modemsnapdragon_855_mobile_platformqca8337_firmwarewsa8830wsa8832sm7325pfastconnect_6800wcn3988_firmwaresm7250pqca6426_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwaresd865_5g_firmwarewcd9385qca6595au_firmwareqca6696_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcd9385_firmwarewcn6650_firmwarevideo_collaboration_vc3_platform_firmwarefsm10055snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)sm7250p_firmwareqca6421wcn6740qca6436wcd9370_firmwareqca6574au_firmwarewsa8815snapdragon_888_5g_mobile_platformwcn6755fastconnect_6700_firmwareqca6595ausm6370_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwareqep8111wcd9341wsa8810snapdragon_888_5g_mobile_platform_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)wcn6650sxr2130_firmwarewcn7881_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformsd855_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcd9340wcd9360_firmwarevideo_collaboration_vc3_platformsd865_5gsnapdragon_4_gen_1_mobile_platform_firmwarewcd9340_firmwarewcn6450_firmwareqca6431fastconnect_6900snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwareqep8111_firmwarewcd9341_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)wcn7881snapdragon_x35_5g_modem-rf_system_firmwareqca6174awcd9378_firmwareqca6698aqqcs6490_firmwaresnapdragon_x55_5g_modem-rf_systemsm7635_firmwaresnapdragon_778g_5g_mobile_platformwcn6755_firmwaresnapdragon_7c\+_gen_3_computeSnapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2017-3139
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.72% / 72.77%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 17:07
Updated-05 Aug, 2024 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

Action-Not Available
Vendor-Red Hat, Inc.
Product-enterprise_linux_server_ausenterprise_linux_server_tusenterprise_linux_server_eusBIND
CWE ID-CWE-617
Reachable Assertion
CVE-2024-4076
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.71%
||
7 Day CHG~0.00%
Published-23 Jul, 2024 | 14:40
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Assertion failure when serving both stale cache data and authoritative zone content

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-BIND 9bind
CWE ID-CWE-617
Reachable Assertion
CVE-2025-20666
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.86% / 75.21%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 02:49
Updated-17 Feb, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00650610; Issue ID: MSV-2933.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8666mt8673mt6853tmt8791tmt6883nr15mt6855mt8771mt6833pmt2735mt6890mt6893mt6877tmt6877mt6875tmt6853mt6891mt8675mt8795tmt8797mt8798mt6875mt8791mt6885mt6855tmt6833mt8667mt6889mt6873mt6877ttmt6880MT2735, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8666, MT8667, MT8673, MT8675, MT8771, MT8791, MT8791T, MT8795T, MT8797, MT8798
CWE ID-CWE-617
Reachable Assertion
CVE-2025-15530
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.06% / 17.87%
||
7 Day CHG+0.01%
Published-17 Jan, 2026 | 11:02
Updated-23 Feb, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open5GS s11-handler.c assertion

A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwc_s11_handle_create_indirect_data_forwarding_tunnel_request of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The issue report is flagged as already-fixed.

Action-Not Available
Vendor-open5gsn/a
Product-open5gsOpen5GS
CWE ID-CWE-617
Reachable Assertion
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found