Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-8804

Summary
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
Published At-10 Aug, 2025 | 10:02
Updated At-15 Aug, 2025 | 13:44
Rejected At-
Credits

Open5GS AMF ngap_build_downlink_nas_transport assertion

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulDB
Assigner Org ID:1af790b2-7ee1-4545-860a-a788eba489b5
Published At:10 Aug, 2025 | 10:02
Updated At:15 Aug, 2025 | 13:44
Rejected At:
▼CVE Numbering Authority (CNA)
Open5GS AMF ngap_build_downlink_nas_transport assertion

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.

Affected Products
Vendor
n/a
Product
Open5GS
Modules
  • AMF
Versions
Affected
  • 2.7.0
  • 2.7.1
  • 2.7.2
  • 2.7.3
  • 2.7.4
  • 2.7.5
Unaffected
  • 2.7.6
Problem Types
TypeCWE IDDescription
CWECWE-617Reachable Assertion
Type: CWE
CWE ID: CWE-617
Description: Reachable Assertion
Metrics
VersionBase scoreBase severityVector
4.06.9MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
3.05.3MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2.05.0N/A
AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C
Version: 4.0
Base score: 6.9
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Version: 3.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Version: 2.0
Base score: 5.0
Base severity: N/A
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
lixxxiang (VulDB User)
analyst
lixxxiang (VulDB User)
Timeline
EventDate
Advisory disclosed2025-08-09 00:00:00
VulDB entry created2025-08-09 02:00:00
VulDB entry last update2025-08-15 15:47:27
Event: Advisory disclosed
Date: 2025-08-09 00:00:00
Event: VulDB entry created
Date: 2025-08-09 02:00:00
Event: VulDB entry last update
Date: 2025-08-15 15:47:27
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.319333
vdb-entry
technical-description
https://vuldb.com/?ctiid.319333
signature
permissions-required
https://vuldb.com/?submit.626124
third-party-advisory
https://vuldb.com/?submit.625698
third-party-advisory
https://github.com/open5gs/open5gs/issues/3950
issue-tracking
https://github.com/open5gs/open5gs/issues/3950#issuecomment-3034693457
issue-tracking
https://github.com/user-attachments/files/21030801/newdata_for_ngap.zip
exploit
https://github.com/open5gs/open5gs/commit/bca0a7b6e01d254f4223b83831162566d4626428
patch
https://github.com/open5gs/open5gs/releases/tag/v2.7.6
patch
https://github.com/ZHENGHAOHELLO/BugReport/blob/main/CVE-2025-8804
related
Hyperlink: https://vuldb.com/?id.319333
Resource:
vdb-entry
technical-description
Hyperlink: https://vuldb.com/?ctiid.319333
Resource:
signature
permissions-required
Hyperlink: https://vuldb.com/?submit.626124
Resource:
third-party-advisory
Hyperlink: https://vuldb.com/?submit.625698
Resource:
third-party-advisory
Hyperlink: https://github.com/open5gs/open5gs/issues/3950
Resource:
issue-tracking
Hyperlink: https://github.com/open5gs/open5gs/issues/3950#issuecomment-3034693457
Resource:
issue-tracking
Hyperlink: https://github.com/user-attachments/files/21030801/newdata_for_ngap.zip
Resource:
exploit
Hyperlink: https://github.com/open5gs/open5gs/commit/bca0a7b6e01d254f4223b83831162566d4626428
Resource:
patch
Hyperlink: https://github.com/open5gs/open5gs/releases/tag/v2.7.6
Resource:
patch
Hyperlink: https://github.com/ZHENGHAOHELLO/BugReport/blob/main/CVE-2025-8804
Resource:
related
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/open5gs/open5gs/issues/3950
exploit
Hyperlink: https://github.com/open5gs/open5gs/issues/3950
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@vuldb.com
Published At:10 Aug, 2025 | 10:15
Updated At:15 Aug, 2025 | 14:15

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.5MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Secondary
Version: 4.0
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
open5gs
open5gs
>>open5gs>>Versions before 2.7.6(exclusive)
cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-617Secondarycna@vuldb.com
CWE ID: CWE-617
Type: Secondary
Source: cna@vuldb.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/ZHENGHAOHELLO/BugReport/blob/main/CVE-2025-8804cna@vuldb.com
N/A
https://github.com/open5gs/open5gs/commit/bca0a7b6e01d254f4223b83831162566d4626428cna@vuldb.com
Patch
https://github.com/open5gs/open5gs/issues/3950cna@vuldb.com
Issue Tracking
https://github.com/open5gs/open5gs/issues/3950#issuecomment-3034693457cna@vuldb.com
Issue Tracking
https://github.com/open5gs/open5gs/releases/tag/v2.7.6cna@vuldb.com
Release Notes
https://github.com/user-attachments/files/21030801/newdata_for_ngap.zipcna@vuldb.com
Exploit
https://vuldb.com/?ctiid.319333cna@vuldb.com
Permissions Required
VDB Entry
https://vuldb.com/?id.319333cna@vuldb.com
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.625698cna@vuldb.com
N/A
https://vuldb.com/?submit.626124cna@vuldb.com
Third Party Advisory
VDB Entry
https://github.com/open5gs/open5gs/issues/3950134c704f-9b21-4f2e-91b3-4a467353bcc0
Issue Tracking
Hyperlink: https://github.com/ZHENGHAOHELLO/BugReport/blob/main/CVE-2025-8804
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://github.com/open5gs/open5gs/commit/bca0a7b6e01d254f4223b83831162566d4626428
Source: cna@vuldb.com
Resource:
Patch
Hyperlink: https://github.com/open5gs/open5gs/issues/3950
Source: cna@vuldb.com
Resource:
Issue Tracking
Hyperlink: https://github.com/open5gs/open5gs/issues/3950#issuecomment-3034693457
Source: cna@vuldb.com
Resource:
Issue Tracking
Hyperlink: https://github.com/open5gs/open5gs/releases/tag/v2.7.6
Source: cna@vuldb.com
Resource:
Release Notes
Hyperlink: https://github.com/user-attachments/files/21030801/newdata_for_ngap.zip
Source: cna@vuldb.com
Resource:
Exploit
Hyperlink: https://vuldb.com/?ctiid.319333
Source: cna@vuldb.com
Resource:
Permissions Required
VDB Entry
Hyperlink: https://vuldb.com/?id.319333
Source: cna@vuldb.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://vuldb.com/?submit.625698
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?submit.626124
Source: cna@vuldb.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://github.com/open5gs/open5gs/issues/3950
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Issue Tracking

Change History

0
Information is not available yet

Similar CVEs

341Records found
CVE-2017-13749
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.01% / 76.19%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2017-12959
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.66%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aGNU
Product-psppn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-40083
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.84% / 73.77%
||
7 Day CHG~0.00%
Published-25 Aug, 2021 | 00:21
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof).

Action-Not Available
Vendor-nicn/a
Product-knot_resolvern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11274
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.69%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwarefsm10055qpm5679_firmwaresm6250p_firmwareqcs610qpm5620_firmwareqca8337qdm2307qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarepm855a_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qtc800hqdm5670sdr8250_firmwareqca6595au_firmwareqpa5581_firmwarepm7150lqpa8821pm8998_firmwareqdm5671pmc1000hqpm4650_firmwareqcs6125_firmwareqat3518sd8cpm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwaresmr526_firmwarewcn3950sd720gpm640a_firmwareqsw8573_firmwareqdm2305_firmwareqpm5670_firmwareqsw8574_firmwaresmb2351_firmwareqdm5652sd6905gqpa4360_firmwareqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420wcd9360pm6150aqpm6670_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250qcs6125sa8155_firmwareqca6430qat3522pmr735awcd9340sd765gqdm2308_firmwarefsm10056_firmwaresdr660qca6436wcn6851qpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341qdm4643_firmwareqca6431qca6696_firmwareqln5020wcd9371sd870_firmwareqet4100_firmwaresd750gpmm855au_firmwarewcn3910_firmwareqpm5657pm6350qdm5621qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988pm640p_firmwaresdr052smb1390qat5516_firmwarepm6150lsd8885gpm855l_firmwareqet4100qpa8686_firmwareqpm6585qtc410swcn3991qca8337_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwareqat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarewcn6856_firmwarepm8005_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwareqln4640qcs410smb1380_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735pm7250smb1395qpa8803sdx24_firmwaresmr526qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwaresdxr25g_firmwareqdm2301qsw8573wcd9340_firmwarewsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwarepm8009wcn3980_firmwareqpa8675sd730sdr051_firmwaresdx55mpm6250_firmwareqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwaresd678_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwareqln4640_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582pmc1000h_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd480sd870wcn6855sd8885g_firmwarepm8150lpmi8998_firmwareqcs610_firmwareqdm5677pm8005pm855_firmwareqdm2302pmx60_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarepm640l_firmwarepm8150wcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msa8155psd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bsmb2351qln1031qpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830sd678sdr051qet6110_firmwareqln5030pm6125_firmwareqbt1500fsm10056qpa5581pmi632qpa2625_firmwarepm456csrb31024pm8350bh_firmwarepmr735b_firmwarepmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqet5100_firmwareqpm4621qet6100_firmwareqet6100pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwarepmr525_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377qpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwarewhs9410qat5516pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380qpa8821_firmwarepm8350bhpmk8002_firmwareqsw6310_firmwarepm3003asa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwareqca6436_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6564au_firmwareqca6584auqdm2305qpm8820qpm4641qat5515_firmwareqln5020_firmwaresa515m_firmwarepm855qpm8830_firmwarepm8250smb1398qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwarewcn3988_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwarepm8004_firmwareqca6174a_firmwaresdr8150_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqpm5620qat3550_firmwareqln5040_firmwareqpm4630qca6390wcd9375sd750g_firmwareaqt1000qpa8673sc8180x\+sdx55_firmwaresm6250_firmwareqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarepm8998wcn6850_firmwarewsa8835_firmwareqpm8820_firmwareqpm6621_firmwarepmx24qcm6125_firmwareqet6110qln5040qpm8895sdr845qpm5670wcn3990pmx55_firmwareqtm527pmk8350pm8150_firmwaresdx24smb1398_firmwareqpm8830pm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bsd665_firmwareqpm5657_firmwaresm6250pqpa4360pm855apmk8003_firmwaresdr660_firmwareqpa4361qca6574aqpm4640_firmwarewcn6855_firmwaresmb1390_firmwareqdm5679_firmwareqca6174apm8350csmr525qpm4640pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525sa515mqln1036aq_firmwaresd855sd8cxsd665pm6150a_firmwarepm6150_firmwaresd765pm640pqca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwarepmx60qca6391sd8cx_firmwaresmb1351qpa5461aqt1000_firmwaresd8c_firmwareqpm8895_firmwarecsrb31024_firmwaresdx50mpm640aqfs2608sdr8150sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqdm4650qca6574auqpm5641_firmwaresa8155p_firmwareqsw6310pm8008_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125qpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwareqdm2308pmx50qat3550wcn6856qdm5679sdr8250sd768gpm3003a_firmwareqca6696smb1381_firmwaresd845_firmwarepm8004pm640lpmk8002qpa2625sd845sm7250psd720g_firmwareqpm4621_firmwareqcs410_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13746
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.64% / 81.17%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13745
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.12%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.

Action-Not Available
Vendor-n/aJasPer
Product-jaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2017-7539
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.79% / 81.97%
||
7 Day CHG~0.00%
Published-26 Jul, 2018 | 14:00
Updated-05 Aug, 2024 | 16:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

Action-Not Available
Vendor-QEMURed Hat, Inc.
Product-openstackvirtualizationqemuenterprise_linuxQemu
CWE ID-CWE-617
Reachable Assertion
CWE ID-CWE-20
Improper Input Validation
CVE-2023-43523
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.23%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in WLAN Firmware

Transient DOS while processing 11AZ RTT management action frame received through OTA.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformqca8337qfw7124sg8275p_firmwareipq8173_firmwareqam8775pqcf8001snapdragon_870_5g_mobile_platform_firmwareqcn5124qca4024_firmwarewsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareqca6554a_firmwareipq8076aqca8386_firmwareqcn6024_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqcn6412qca6574au_firmwareqcn5164_firmwareqcn6422_firmwareqca8081_firmwaresnapdragon_xr2\+_gen_1_platformqcn9002ipq8078a_firmwareipq5028wsa8840_firmwareqca6698aqqca0000qcf8001_firmwareipq6010sc8380xp_firmwaresdx65mwcd9340qcn6132qcn9013qca6436qcf8000qca6698aq_firmwareipq5312qca9888_firmwareqam8775p_firmwareqcn6122qca6696_firmwareipq9008_firmwareqcn5154_firmwareqca6797aqqcc710_firmwarewsa8830_firmwaresd865_5g_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwareqca8337_firmwarewcd9380_firmwaressg2125pipq8072aipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcm8550qcn9001_firmwareipq9008qcn5164qca6574qcn6402_firmwarecsr8811_firmwarewcd9380ipq9554_firmwareqcn5054_firmwareqcn5024sxr1230psg8275pqca8072_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwarewcd9340_firmwarewsa8815snapdragon_865\+_5g_mobile_platformqca6426_firmwaresc8380xpipq6028qcn9024ipq9574_firmwaresnapdragon_xr2\+_gen_1_platform_firmwareimmersive_home_3210_platform_firmwareipq5302wcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemipq8078_firmwarefastconnect_6900qcn5054snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832qcn6412_firmwareipq5332ipq5302_firmwareimmersive_home_326_platformipq6018qcc710immersive_home_214_platformqca6595_firmwarewcd9395qca6391_firmwareimmersive_home_214_platform_firmwareqca4024sm8550p_firmwareqcn6402ssg2115p_firmwareqfw7124_firmwareqam8255par8035_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqam8650psnapdragon_865_5g_mobile_platformqcn6224_firmwareqca8082qcn9072qca8386ipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554wcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwaresnapdragon_x55_5g_modem-rf_systemqcn5122_firmwareqca6595auqcn6023_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114wsa8845h_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274snapdragon_870_5g_mobile_platformipq8174qcn9001qcn5052qcs8550_firmwareqcn9074qca8085wsa8810_firmwareqcn6224wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwaresxr2130_firmwarewcd9385ipq9570ar8035csr8811wcd9390qcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca8072qcn9000qcf8000_firmwareqca6554asd865_5gfastconnect_6800qca6595qcn9012immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresd_8_gen1_5gqcn6274qcn6422qcn5154qca8075_firmwaressg2125p_firmwareqca6574asxr2130qca9889qcn6132_firmwareqcn9003_firmwareqca9888qcc2076_firmwareipq8070a_firmwareqcn9003ipq8076_firmwareqca6574_firmwaresxr2230pipq8076wsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqcn5152snapdragon_x55_5g_modem-rf_system_firmwareqca6391fastconnect_7800qcn9100snapdragon_865\+_5g_mobile_platform_firmwareqcn6274_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn6432_firmwareipq5312_firmwareqca6574auqca9889_firmwareipq9574qcn5122fastconnect_7800_firmwarewsa8810ipq5332_firmwaresm8550psnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_ar2_gen_1_platformqcn5022qcn9013_firmwareqam8650p_firmwareipq6010_firmwarewcn6740qca6696qcs8550qca8075qcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqcn6024qcn9022qcc2076wcd9390_firmwareipq8070aqcn9002_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcc2073qcn6432Snapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2017-7478
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-15.23% / 94.35%
||
7 Day CHG~0.00%
Published-15 May, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

Action-Not Available
Vendor-openvpnOpenVPN Technologies, Inc
Product-openvpnopenvpn
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13752
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.01% / 76.19%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2017-12960
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.66%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.

Action-Not Available
Vendor-n/aGNU
Product-psppn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13751
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.01% / 76.19%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13747
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.01% / 76.19%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2017-11692
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.64% / 69.56%
||
7 Day CHG~0.00%
Published-30 Jul, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

Action-Not Available
Vendor-yaml-cpp_projectn/a
Product-yaml-cppn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-43529
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.60%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Data Modem

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareqcs410_firmwaresw5100psd865_5gqcs610_firmwarewcd9335wcd9370qca8081_firmwaresnapdragon_7c_gen_2_compute_firmwareqca6696snapdragon_x70_modem-rf_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilesnapdragon_685_4g_mobilesnapdragon_x50_5g_modem-rf_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_auto_4g_modemsnapdragon_665_mobile_firmwaresc8180xp-aaabqca6574au_firmwaresnapdragon_690_5g_mobile_firmwaresnapdragon_x72_5g_modem-rfwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwarewsa8810_firmwaresd730_firmwarewsa8845h_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresc8180xp-acafsd730snapdragon_690_5g_mobilefastconnect_6800_firmwareqcs5430qcn6024_firmwareqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwareqcm6125_firmwaresnapdragon_678_mobile_firmwareqcc710snapdragon_xr2_5g_firmware315_5g_iot_modem_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformqep8111qfw7114snapdragon_730_mobile_firmwarewcd9385_firmwareqca6421315_5g_iot_modemwcd9360snapdragon_x65_5g_modem-rfqcs4490snapdragon_730_mobilesnapdragon_680_4g_mobilewsa8845qca6421_firmwareqcm6125sc8180x-adqca6564au_firmwarewsa8810snapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwaresnapdragon_662_mobile_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwarewcd9371_firmwaresnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3910_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileqca6420wcn3910wcd9370_firmwarecsrb31024qca6574asnapdragon_x72_5g_modem-rf_firmwaresnapdragon_8\+_gen_2_mobileqca6174awcd9340qcm2290snapdragon_auto_5g_modem-rf_gen_2qcm6490sm8550p_firmwareqcm8550wcn3988snapdragon_765_5g_mobile_firmwaresnapdragon_662_mobileqcn9024sd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaresdx57msmart_audio_400qcn9024_firmwarewsa8845hqcs410qcm2290_firmwaresnapdragon_765g_5g_mobile_firmwarewsa8830sm8550psnapdragon_768g_5g_mobile_firmwaresnapdragon_7c_gen_2_computesc8180x\+sdx55_firmwarear8035snapdragon_7c_compute_firmwareqcm4325qcn6224snapdragon_865\+_5g_mobile_firmwaresc8180x\+sdx55qca6698aqwcn3950_firmwaresm6250snapdragon_480\+_5g_mobilefastconnect_6200sm7325p_firmwarewcd9360_firmwaresc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490snapdragon_695_5g_mobilesc8180xp-acaf_firmwaresnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqcn6224_firmwareqca6431wsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresdx57m_firmwaresxr2130_firmwaresnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwaresnapdragon_778g\+_5g_mobilesd888_firmwareqca6564auqcs6125_firmwaresc8180xp-adsm6250p_firmwarewsa8815_firmwareqca8337_firmwareqcm4290sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresnapdragon_665_mobilesm7250p_firmwareqcm4490_firmwarewcn3950qcs6125snapdragon_870_5g_mobile_firmwaresnapdragon_730g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobilesnapdragon_778g\+_5g_mobile_firmwaresmart_audio_400_firmwaresnapdragon_870_5g_mobilesd_675_firmwaresnapdragon_678_mobilesnapdragon_720g_mobilesm7250pcsrb31024_firmwaresc8180x-acafsm6250_firmwaresc8180x-ad_firmwaresnapdragon_7c_computeqca6584ausd888qcn6274_firmwaresnapdragon_675_mobile_firmwaresw5100_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarewcd9371fastconnect_6900_firmwarewcd9380snapdragon_xr2_5gsnapdragon_x24_lte_modemsnapdragon_auto_5g_modem-rf_firmwaresc8180x-aaabsc8180x-aaab_firmwaresw5100video_collaboration_vc3_platformaqt1000snapdragon_4_gen_1_mobile_firmwaresd855qca6431_firmwarewcn3990_firmwaresm7315qca6698aq_firmwareqcs2290wcd9385snapdragon_888\+_5g_mobileqcs2290_firmwaresnapdragon_8_gen_1_mobilesnapdragon_680_4g_mobile_firmwareqcs4290wcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqca6430snapdragon_855\+_mobilesg8275psm6250psnapdragon_765_5g_mobilesnapdragon_860_mobilesdx55_firmwaresc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsxr2130qcm4490snapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwaresnapdragon_480\+_5g_mobile_firmwareqca6174a_firmwaresm7325psnapdragon_732g_mobile_firmwaresnapdragon_x50_5g_modem-rfqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwarewcn3980_firmwareqca6436snapdragon_x70_modem-rfqca6584au_firmwaresnapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqcn6274qfw7124qca6595au_firmwareqcs610sw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwarecsra6620qca8081wsa8815sg4150pqca9377snapdragon_x75_5g_modem-rfqcm4325_firmwareqca6574a_firmwaresdx55snapdragon_4_gen_1_mobileqcm4290_firmwaresnapdragon_720g_mobile_firmwaresnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675wcd9375_firmwareqca6391qcs5430_firmwaresg4150p_firmwarecsra6620_firmwareqcs8550fastconnect_7800sd865_5g_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_765g_5g_mobilewcn3988_firmwaresd_675snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwarewcn3980snapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqcm2290_firmwareaqt1000_firmwareqca6564au_firmwareqca9377_firmwareqca8337_firmwareqcm4490_firmwareqcm8550_firmwareqcn6274_firmwareqcs4490_firmware315_5g_iot_modem_firmwareqcs2290_firmwarecsrb31024_firmwareqcm6490_firmwareqca6431_firmwarefastconnect_6900_firmwareqcs8550_firmwareqcn6224_firmwarefastconnect_6700_firmwareqcn9024_firmwarefastconnect_7800_firmwareqca6420_firmwareqca6595au_firmwareqcm4290_firmwareqcs610_firmwarecsra6620_firmwareqca6698aq_firmwarecsra6640_firmwareqcm5430_firmwareqca6174a_firmwareqcs6125_firmwareqcs4290_firmwareqca6584au_firmwareqep8111_firmwareqca6696_firmwareqca6430_firmwareqcs6490_firmwareqfw7114_firmwareqcs5430_firmwareqca6391_firmwareqcn6024_firmwareqcm4325_firmwareqcc710_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwareqca8081_firmwarefastconnect_6800_firmwareqcs410_firmwareqfw7124_firmwareqca6436_firmwarear8035_firmwareqcm6125_firmwareqca6421_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11296
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.08%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqpm5679_firmwarepmd9607_firmwareqca1023qfs2530qpm8870_firmwareqln1030pm6125mdm9645msm8992_firmwarewcn3950_firmwarepm8150aqdm5670qpm5541_firmwareqpa5581_firmwareqpa8821mdm8215qcs6125_firmwarepm456_firmwaresa415mwcn3998wcd9371_firmwarewcn3950mdm9206_firmwareqsw8573_firmwarewcn3660bqsm8350_firmwareqsm8350smb2351_firmwarepm855pwtr4605_firmwarepm6150aqca9367_firmwareipq8072_firmwaresa8155_firmwareipq8068qat3522qfe4455fcpmr735asdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020qca1062mdm8215_firmwarepmm855au_firmwaresd_8cxpmm8920ausa8150pqfe3340sd660sd712pm640p_firmwareqcn5121pm6150lpm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwareqca4531_firmwareqfe3335_firmwareqpa8801ipq8078qat5533_firmwareipq8173sdx55m_firmwareqpa8673_firmwaresd670_firmwareqfs2630pmm8996auqpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250wtr4905sdx24_firmwareqcn9012_firmwareqdm2301qca9890_firmwareqfe2101_firmwareqca6584_firmwareqdm5621_firmwareqpm6375sd_8c_firmwareipq6028ipq8064pmp8074qca1990wcn3980_firmwaresd730qfe3320_firmwarepm8008pm8350b_firmwaremdm9225pme605_firmwarepme605apq8064au_firmwaremdm9225mipq8078_firmwareqcn5054qln1021aq_firmwareqcs603qca6164_firmwareqln4640_firmwareqca9980qpm6582qcn9024_firmwareqcs610_firmwareapq8084_firmwareqca9886_firmwarear8031wtr2965qca6164qca6391_firmwarepmx20_firmwareqca4024qat3516_firmwareapq8053qcn5021_firmwareqca9379pm855bsmb2351qpa5581qfe1040_firmwarecsrb31024qca9563_firmwaremdm9628_firmwaremdm9650qbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmd9635_firmwareapq8009_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6426qca9984_firmwareqca9377qpm5641sdxr2_5g_firmwarewtr2955rgr7640au_firmwarepm7250_firmwareqdm5620ipq8074aqca9982qcn5122_firmwareqat5533qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584aupm855pm8250qcn5052mdm9235m_firmwaremdm9607_firmwaremdm9655_firmwareqfs2530_firmwaresa415m_firmwareqat3519_firmwareqpm5677qat5515qca9982_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620mdm9625sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8994ipq5010_firmwareipq8074a_firmwaremdm9625msd888_5g_firmwaresmr525_firmwarewsa8815_firmwareqpm8820_firmwareapq8017qpm6621_firmwaremdm9630_firmwarewtr2955_firmwareqbt1000_firmwarepm8019qca6595smb1398_firmwareqca9896_firmwareipq8065_firmwarepm8150cpmr735bsd665_firmwareqcn5154qpm5577_firmwareqdm5679_firmwareqca6310_firmwareapq8094_firmwarepm6150l_firmwaremdm9615qca6574_firmwaresd665pm6150a_firmwarepmd9607mdm9310wtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqipq6028_firmwareipq8072a_firmwareqca9889_firmwaresd710mdm9607mdm9645_firmwareqln1035bd_firmwaresdx20m_firmwareqca6564_firmwareqca1064_firmwaresmb1350_firmwarepmk8002apq8096au_firmwareqcn9022sdm830smb1357qpa5580pm8018_firmwareqpm5579qfe2550qcn5550qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareipq8078asa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwareqln1020csra6640_firmwarepmc1000hqat3518smr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqca4020qca6428qdm5652qcn5164_firmwareipq8071sa6155_firmwarewcd9360sdx20mqca6438_firmwareqpa8675_firmwarewtr1625lqpa5460_firmwarewcn3999qsm7250pm8996ipq4029_firmwareipq6010sd662_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareipq8068_firmwarepmi8952mdm9655qca6431wcn3910_firmwareqfe1922sd855_firmwareqdm5650qfe2080fcsdr052sa8195p_firmwaresmb1390qca9898ipq4028qpa8686_firmwarewcd9380_firmwareqca7500_firmwarewgr7640csr6030qat5568qdm5671_firmwareqpa8801_firmwareqtm527_firmwarepm8005_firmwareqca9558pm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareipq4019_firmwaresmb358sar8151smr526qca8072_firmwareqca6174pmk8003qca6430_firmwareqtc801s_firmwareqat3522_firmwarewcn3980qsw8573qcs605qbt1000mdm9225_firmwaresd7cwcn3910qca6426_firmwarepm8350_firmwarepm8009ipq8064_firmwareqat3518_firmwaresd821_firmwarepmi8998qfe2520ar8031_firmwarepm855lpmd9635pm8150b_firmwaresd_636_firmwaresmr545_firmwareqca9880pm670sd210_firmwarepm8005qdm2302sdxr1apq8096auqcs405_firmwarepmi8996_firmwareqln4650_firmwareqet5100mqca9378a_firmwarepm8952qca9531_firmwareqat3516qpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcqcn9070pmi632qca9378pm8350bh_firmwarepmr735b_firmwaresmb1360_firmwareqca9880_firmwarepm670l_firmwaresdr660gqfe2340ipq8069_firmwaresd730_firmwarewcd9370sdr425qcn9000_firmwareipq5018qca9369ar8151_firmwaresd_8cx_firmwareqpm5541qat5516qcn5124_firmwarepm8350bhqca6320_firmwarewcn3680b_firmwareqca6595auipq5010qdm2305sa6155p_firmwareqca6310pm8937qpm2630qca9990sdxr2_5gsmb1398msm8994_firmwaresa6145p_firmwaresdr675ipq8071aipq8071a_firmwarewcd9385qat3550_firmwareqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwarepm8952_firmwaresd820smb1396_firmwarecsr6030_firmwaresmr546pmx24qfe1055qca8072qln5040qpm8895sdr845qtm527qfe3440fc_firmwarepmk8350qca9558_firmwaremsm8996aupm8994_firmwareqfe1035qpm5657_firmwaresd888_5gsm6250pqln1035bdpm855asdr660_firmwarepm8909_firmwareipq4018qca6574aqpm4640mdm9635mqet5100m_firmwareipq8076_firmwareqpm4650sa515mipq8076qfe1922_firmwareqca9887qca9378_firmwaresdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaremdm9626pm660asdx50mpm640apm8916qdm4650ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310qcm6125qpm2630_firmwaresmb231_firmwareqdm2308qat3550wcn6856sd835_firmwareqtc800s_firmwaresa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareqpm4621_firmwareqca9896ipq4029sd850qln4640qfs2580mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqfe4455fc_firmwareqca8337ar9380ipq8173_firmwareqfs2608_firmwareqpa8688qcn5124qat5522_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155pm7150lpm8998_firmwaresd_455_firmwareapq8076wtr5975_firmwareqpa5580_firmwareqcn6024_firmwaresd720gsm4125wtr1605pmm8920au_firmwareqsw8574_firmwaresd460_firmwaremdm9230_firmwarepm8953_firmwareqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareqca6420apq8053_firmwareqpm6670_firmwareipq8070_firmwareipq8065ipq8078a_firmwarepm660_firmwarepm8150bqca0000qfe2101qca6430wcd9340mdm9625_firmwaresmb1358qca9888_firmwarewcd9371smb1350qfe1055_firmwareqcn5154_firmwaresm4350_firmwarewtr3950pm6350qdm5621qtc800sqat3514_firmwaremdm9330_firmwareqca9992_firmwaresd865_5g_firmwaresd660_firmwareqcn5022_firmwareqcn7606_firmwareqat5516_firmwarewcn3991qca9980_firmwarepm8150l_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qcs410qfe3100_firmwareqca9379_firmwareqpa8803pmd9645ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm2301_firmwaremdm9215_firmwaresd835pm660l_firmwarepm6250_firmwareqtm525_firmwareqcn5064_firmwareqca9890qpm5621_firmwareqca6234rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqpm5621sd670ipq8174_firmwarepm8009_firmwareqfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwarepm4250qca1023_firmwareqpm5577sdm630_firmwaresd820_firmwarepm8150wcd9370_firmwaresdx55csra6640qat3555_firmwarepmi8994qpa8803_firmwareqca6234_firmwareqln1031qcn7606qpm5870pm8909qfe1040wsa8830pm660qca9561qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qfe2340_firmwaresd_636pmx24_firmwareqca9378aqca9992pmm855aumdm9250qca6420_firmwaresmb1396pm7150apm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwarewcn3990_firmwareqca4531wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareapq8094qsw6310_firmwaresa8155qca6584qdm4650_firmwareqln1031_firmwarepmm6155au_firmwaresdx55_firmwarewcn3615qfe1952qpm4641qat5515_firmwareipq8174qpm8830_firmwareqca9367qfe2082fc_firmwareapq8092sdm630qdm4643wcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwaresa8195psdr735_firmwarepm8953qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqpm4630qca6390qca9898_firmwarewcd9375msm8976sc8180x\+sdx55_firmwareqpm5677_firmwareapq8092_firmwaresdx20_firmwarewtr3925_firmwarepm8998qln1020_firmwaremdm9235mpm670a_firmwareqcm6125_firmwareqca9882wtr1625l_firmwarepmx55_firmwaresd865_5gpm8150_firmwareqpm8830pmm8996au_firmwareqat5522qca9369_firmwareqpa4360pmk8003_firmwareqca8075_firmwareqpa4361ipq6005_firmwaremdm9206qpm4640_firmwarewcn6855_firmwarepm8350csmr525qca9888ipq8070a_firmwarepmr525pm8150a_firmwarewtr3950_firmwareqca9886qln1036aq_firmwarepm6150_firmwareqca6175asd765wtr3925lpmx20qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcpm670_firmwareqtc801smdm9626_firmwareqca9531qpm5641_firmwareqfe3320qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50pm8018qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepm8004pm640lqca8075qcn6024sd845mdm9615_firmwareipq6000_firmwareqcs410_firmwaremdm9330qca6175a_firmwaresa6150p_firmwareqcs610pmi8996qpm5620_firmwareqfe1045qca9561_firmwareqca4024_firmwarepm855a_firmwareqtc800hqcs2290qca6335qcs605_firmwaresd_675_firmwaresmr546_firmwarewtr3905qdm5671qfe2330qpm4650_firmwaresdr425_firmwaremdm9628qpa5460qdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000pmx50_firmwarewhs9410_firmwaresdr735gqdm3301_firmwareqca7500qcs6125smb1360qcs405qca1990_firmwareqfe3440fcrsw8577_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwarepm8937_firmwareqet4100_firmwaresd750gqpm5657wtr1605_firmwareqpm5875_firmwarewsa8830_firmwarewcn3988qca6438wtr3925qet4100wcn3610mdm9640ipq5018_firmwareqpm6585qca8337_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330ipq8076a_firmwareqet5100mdm9225m_firmwareqca6564auwcn6856_firmwareqcn5164pm8994qet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmb358s_firmwarewtr5975wcd9335_firmwareqcn5052_firmwareqca6335_firmwareqca6320mdm9650_firmwarewcn3660b_firmwareqca9984qcn9024qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwarepm670aqca6421_firmwarewtr3905_firmwareqsw8574wcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwareqca9887_firmwarewtr3925l_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwarepmd9645_firmwareqcn5121_firmwareqdm5677ipq6018pm855_firmwarepmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqpm5875sa8155psd675wtr4605qet4101pm670lqfe2330_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarecsra6620qet5100_firmwareqfe1100_firmwareqpm4621qcn9072qet6100_firmwaresd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareipq6000qca6174_firmwareqcn5152_firmwareqca0000_firmwarepmr525_firmwareqca6584au_firmwareapq8076_firmwareqfe3340_firmwarepmi632_firmwareqcn7605qca9563sd662qpa8821_firmwareqfe1952_firmwaresdr660g_firmwareqca1064pm3003awcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqpm8820qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821msm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qfe1100sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwareqpm6325_firmwareqdm2302_firmwarepmm8155aucsr8811qpa8673ipq4019sd210wcn6850_firmwarewsa8835_firmwareqca6564aqet6110pmi8952_firmwareqcm2290_firmwaremdm9635m_firmwareqpm5670wcn3990qcn9000sd_675mdm9625m_firmwarear9380_firmwaresdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835rgr7640aupm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074qca9994_firmwarepm8956_firmwareqtm525wtr6955qfe3335sd855sm4125_firmwarewtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresmb1351smb1357_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwareqpa4340qfe1035_firmwareqcm4290qca9882_firmwaresdr8150sdx20smb1395_firmwaremdm9215sd_455pmd9655wcd9341_firmwarewsa8810qtc410s_firmwareqat5568_firmwarewtr4905_firmwareqdm5679sd_8cwcn3680bipq6010_firmwarepm3003a_firmwareqca6696sm4350sd845_firmwaresmb1381_firmwareqpa2625qca9990_firmwareipq8071_firmwareqcn9074_firmwarepm8956pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2017-3137
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-34.71% / 96.88%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 20:00
Updated-17 Sep, 2024 | 01:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME

Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.

Action-Not Available
Vendor-Red Hat, Inc.NetApp, Inc.Debian GNU/LinuxInternet Systems Consortium, Inc.
Product-enterprise_linux_serverdebian_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationdata_ontap_edgeoncommand_balancebindenterprise_linux_server_tusenterprise_linux_desktopelement_softwareBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2023-5517
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.40%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 14:04
Updated-13 Feb, 2025 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled

A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versions 9.12.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

Action-Not Available
Vendor-Fedora ProjectNetApp, Inc.Internet Systems Consortium, Inc.
Product-bindactive_iq_unified_managerfedoraBIND 9bind_9
CWE ID-CWE-617
Reachable Assertion
CVE-2017-3139
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.72% / 71.64%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 17:07
Updated-05 Aug, 2024 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

Action-Not Available
Vendor-Red Hat, Inc.
Product-enterprise_linux_server_ausenterprise_linux_server_tusenterprise_linux_server_eusBIND
CWE ID-CWE-617
Reachable Assertion
CVE-2025-46354
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.61%
||
7 Day CHG~0.00%
Published-22 Jul, 2025 | 15:26
Updated-22 Aug, 2025 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-bloombergBloomberg
Product-comdb2Comdb2
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11653
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 63.95%
||
7 Day CHG+0.02%
Published-08 Apr, 2020 | 00:00
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.

Action-Not Available
Vendor-varnish-cachevarnish-softwaren/aDebian GNU/LinuxopenSUSE
Product-varnish_cachedebian_linuxbackports_sleleapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11278
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.69%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqca8337ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwareipq8070_firmwareipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwaresmr545qca6696_firmwareqln5020wcd9371qca1062qcn5154_firmwarepmm855au_firmwaresm4350_firmwaresa8150ppm6350qdm5621qtc800sqat3514_firmwaresd660sd712pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwaresd8885gpm855l_firmwareqca6428_firmwareqtc410swcn3991qpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250qpa8803qcn9012_firmwaresdxr25g_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375ipq6028pmp8074wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwareqcn5064_firmwarepme605ipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582qcn9024_firmwareipq8174_firmwarepm8009_firmwaresd670qfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm4250ar8031qpm5577wtr2965sdm630_firmwareqca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qcn7606qpm5870wsa8830pm660qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024pmx24_firmwareqbt1500_firmwareqpm5870_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1396pm7150asd675_firmwareipq8072pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410pm7250_firmwaresdr845_firmwareqdm5620qln1021aqipq8074asmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwareqcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052sdm630qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwareqcn9074wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresmr525_firmwarepm8998wtr3925_firmwareqpm8820_firmwareqln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwareqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwaresc8180xqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555qpa5461sd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqpm5641_firmwareqca9889_firmwaresd710qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qcn5022sdr8250sd768gqca1064_firmwareqln1030_firmwarepm8004pm640lpmk8002qca8075qcn6024qcn9022sd845sd455_firmwaresdm830ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579sa6150p_firmwareqcs610qcn5550qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qcn5064csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd8csdr425_firmwaresmr526_firmwareipq8076aqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqsm7250qcs6125ipq6010sd662_firmwareqcs405rsw8577_firmwareqdm2308_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwareqca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqln4650sdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwaresd636wcn6856_firmwarepm8005_firmwareqcn5164qet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mpm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070sd8655gpm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwareqcn5121_firmwaresd8885g_firmwarepm670qdm5677pm8005ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qcn9072qet6100_firmwarepm670l_firmwaresdr660gsd455sd765g_firmwareqpa8686qca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwareqcn7605qpm5541qat5516sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhqca1064pm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa515m_firmwaresmb1398sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qet6110qln5040qca8072qcm2290_firmwareqpm8895sdr845qpm5670wcn3990qcn9000qtm527pmk8350qcn9012pm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca9889ipq8074qpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515mwtr6955sd855sm4125_firmwaresd8cxipq8076wtr6955_firmwarepm640pqcn5021qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640asdr8150smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679ipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwaresd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2023-40462
Matching Score-4
Assigner-Sierra Wireless Inc.
ShareView Details
Matching Score-4
Assigner-Sierra Wireless Inc.
CVSS Score-7.5||HIGH
EPSS-0.01% / 1.04%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 22:53
Updated-13 Feb, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input leads to DoS

The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable.

Action-Not Available
Vendor-sierrawirelessSierraWirelessDebian GNU/Linux
Product-es450rv55lx60aleoslx40gx450debian_linuxrv50xmp70ALEOS
CWE ID-CWE-617
Reachable Assertion
CVE-2023-39534
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.25%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 13:12
Updated-13 Feb, 2025 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Malformed GAP submessage triggers assertion failure

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger assertion failure, crashing FastDDS. Version 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue.

Action-Not Available
Vendor-eprosimaeProsimaDebian GNU/Linux
Product-fast_ddsdebian_linuxFast-DDS
CWE ID-CWE-617
Reachable Assertion
CVE-2023-38976
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.57% / 87.28%
||
7 Day CHG~0.00%
Published-21 Aug, 2023 | 00:00
Updated-07 Oct, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function.

Action-Not Available
Vendor-weaviaten/a
Product-weaviaten/a
CWE ID-CWE-617
Reachable Assertion
CVE-2011-3596
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-13.88% / 94.05%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 23:53
Updated-06 Aug, 2024 | 23:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.

Action-Not Available
Vendor-polipo_projectpolipoDebian GNU/Linux
Product-debian_linuxpolipopolipo
CWE ID-CWE-617
Reachable Assertion
CVE-2023-37024
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.13% / 33.21%
||
7 Day CHG+0.01%
Published-21 Jan, 2025 | 00:00
Updated-23 Jan, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an `Emergency Number List` Information Element.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-27073
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.47%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:26
Updated-20 Aug, 2025 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in WLAN Firmware

Transient DOS while creating NDP instance.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8735_firmwareqca6574ssg2115p_firmwaresm8750p_firmwareqcn9002sa7255pqcn9100sa7775pqam8650p_firmwareqcn5152_firmwarewcd9395sxr2330pwsa8845h_firmwareqca8084_firmwarewcd9378qca8082_firmwareqca6595_firmwareqca6678aqqcc2073_firmwaresnapdragon_865_5g_mobile_platform_firmwareipq9008wsa8835_firmwareqca6698aq_firmwareqcn6024snapdragon_ar2_gen_1_platformsnapdragon_8_gen_3_mobile_platformsm7635qca6426qamsrv1h_firmwarewcn6450qca6574a_firmwareqca8085_firmwaresxr2230p_firmwarecsr8811immersive_home_318_platformsxr2250p_firmwareipq8072asg8275pwcd9370qfw7124snapdragon_865_5g_mobile_platformsg8275p_firmwareqca8337immersive_home_318_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformqca6436_firmwarewcn7861snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarefastconnect_6800_firmwareqcn6132_firmwarewsa8815_firmwareipq8072a_firmwarewsa8845_firmwareqca6391_firmwareipq6000_firmwareqcc2073wcd9375sd_8_gen1_5gipq5028qcn5024ipq8078_firmwareqcn6274_firmwareqcn5124_firmwareqca6564auqcn5164snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwareipq8076_firmwareqcn5154_firmwareqcn5122qcc2076_firmwareqca6574ausnapdragon_x75_5g_modem-rf_systemqcn5052_firmwareqcn9074_firmwareqca6584au_firmwareqamsrv1m_firmwareipq6028ipq8070a_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)sa9000pqcn9100_firmwaresm8750pqcn5024_firmwaresnapdragon_ar1_gen_1_platform_firmwaresm7675qca6688aqwcn7750qca6787aq_firmwareipq6010_firmwareqca6554a_firmwareqca6584ausc8380xpipq6018qmp1000qca8075_firmwareqam8255p_firmwareqcn9011ipq5010_firmwareqca6787aqqca6688aq_firmwareqca8085wcd9380_firmwaresd_8_gen1_5g_firmwareqca6574aqca6797aq_firmwarewsa8830_firmwareipq8174_firmwarewsa8832_firmwareqcs8550qcs8550_firmwaressg2125pimmersive_home_214_platformsnapdragon_xr2_5g_platformqcm8550qcn6023qcm8550_firmwarewsa8835qcn5054_firmwareqcn9001_firmwareqcn5022_firmwareqca8081_firmwarefastconnect_6800ipq8078qca6426_firmwareqcn6224wcn7860sa8620p_firmwaresd865_5g_firmwareqca6595au_firmwarewcd9385_firmwareqca6696_firmwarewcn6740qca8072immersive_home_216_platform_firmwarewcd9370_firmwaresm8650q_firmwareqcn5154wsa8815sm8750_firmwarewsa8845hqca6574au_firmwareqca6595ausa8255pwcn6755sa7775p_firmwarewcd9390_firmwarewsa8810snapdragon_x75_5g_modem-rf_system_firmwarewcn6650qcn5054ipq6000snapdragon_ar1_gen_1_platform_\"luna1\"ipq9008_firmwareipq9574sa8775p_firmwaresrv1h_firmwareqcn9074qca9889fastconnect_7800_firmwareimmersive_home_214_platform_firmwareqca8081wcd9340_firmwareipq9574_firmwareqcn5022qca8386sm6650p_firmwaresm8735qca9889_firmwaresm8650qqcn9024wcn7881sm8635pipq6028_firmwareqmp1000_firmwaressg2115pipq6018_firmwareqcn9000wcn6755_firmwareqcn6224_firmwareqam8255pwcn7880_firmwaresnapdragon_ar1_gen_1_platformsm8635p_firmwareqam8775p_firmwarewsa8810_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqca6678aq_firmwareqca6696sm8550pqcc710sm8750qcn9274_firmwareqca6391qam8775psm6650_firmwareqca6554aqcn9022_firmwaresnapdragon_ar2_gen_1_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcn6122qca6777aq_firmwaresnapdragon_xr2_5g_platform_firmwaresxr2250pqcn6122_firmwarewsa8840_firmwarewcn7861_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaressg2125p_firmwareqcc710_firmwaresa8620psxr2330p_firmwaresm8550p_firmwareimmersive_home_316_platformipq8078a_firmwareipq5028_firmwarewcd9380fastconnect_6900_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresrv1m_firmwareqcn9022immersive_home_216_platformqam8650psm7675_firmwaresxr1230p_firmwareqca8082sm7675pipq9554_firmwareipq8076a_firmwareqamsrv1hsnapdragon_8_gen_1_mobile_platformqca6777aqqamsrv1mipq8076aqcn5122_firmwaresxr2230pqcn9001qca8072_firmwareqca8084qca8075sm7675p_firmwaresa9000p_firmwareipq9570sm8635_firmwareqcc2076qcn5164_firmwareqcn9000_firmwareipq9570_firmwarear8035ipq8074a_firmwarewcd9395_firmwaresnapdragon_ar1_gen_1_platform_\"luna1\"_firmwarewcn6740_firmwarewcd9375_firmwaresm6650sa8255p_firmwarear8035_firmwareimmersive_home_316_platform_firmwareqcn9072ipq8071awsa8845wsa8840sa8775pfastconnect_7800srv1hqcn9070snapdragon_8_gen_3_mobile_platform_firmwareqca8337_firmwarewsa8832wsa8830snapdragon_8_gen_2_mobile_platformipq6010srv1mipq8070asxr1230pwcd9385qcn5124snapdragon_auto_5g_modem-rf_gen_2wcn6650_firmwaresa8650p_firmwarecsr8811_firmwareqcn9002_firmwaresnapdragon_x72_5g_modem-rf_systemqcn9003qca9888qca6436sa7255p_firmwareqca8386_firmwareipq8173_firmwarewcn7860_firmwaresm8635sc8380xp_firmwareipq8173qcn9012qca6797aqsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)qcn6274wcn7881_firmwareqfw7114sm6650pqfw7114_firmwarewcd9340wcd9390qca4024_firmwareqca9888_firmwaresa8770p_firmwareipq8078asnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6564au_firmwaresd865_5gqca6595wcn7880wcn6450_firmwareqcn6024_firmwareipq8071a_firmwareipq8074aqca4024fastconnect_6900qcn9024_firmwareqcn5152qcn9070_firmwareqcn6023_firmwareqcn9274ipq8076qcn9003_firmwareqcn9011_firmwaresa8650pipq8174sa8770pqcn5052wcd9378_firmwareqca6574_firmwareqcn6132qca6698aqipq9554qfw7124_firmwaresm7635_firmwareqcn9012_firmwareipq5010qcn9072_firmwarewcn7750_firmwareSnapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2023-37029
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.40%
||
7 Day CHG+0.01%
Published-21 Jan, 2025 | 00:00
Updated-27 Jan, 2025 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) are susceptible to an assertion-based crash when an oversized NAS packet is received. An attacker may leverage this behavior to repeatedly crash the MME via either a compromised base station or via an unauthenticated cellphone within range of a base station managed by the MME, causing a denial of service.

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-magman/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-34867
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.47%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 00:00
Updated-03 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-27066
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.98%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:26
Updated-06 Aug, 2025 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in WLAN Firmware

Transient DOS while processing an ANQP message.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2021-38385
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.63% / 69.48%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-38291
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.04%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFFmpeg
Product-ffmpegdebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-34194
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.63% / 69.40%
||
7 Day CHG~0.00%
Published-13 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.

Action-Not Available
Vendor-tinyxml_projectn/a
Product-tinyxmln/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-33199
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 30.11%
||
7 Day CHG~0.00%
Published-26 May, 2023 | 22:52
Updated-14 Jan, 2025 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
malformed proposed intoto v0.0.2 entries can cause a panic in Rekor

Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. A malformed proposed entry of the `intoto/v0.0.2` type can cause a panic on a thread within the Rekor process. The thread is recovered so the client receives a 500 error message and service still continues, so the availability impact of this is minimal. This has been fixed in v1.2.0 of Rekor. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-sigstoreThe Linux Foundation
Product-rekorrekor
CWE ID-CWE-617
Reachable Assertion
CVE-2023-32841
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.55% / 80.68%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:45
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6896mt6855mt6990nr17mt6873mt6893mt2735mt6886mt6983mt6891mt6298nr16mt6883mt6980dmt6297mt6813mt6835mt6880mt6875mt6889mt2737mt6985mt6890mt6833mt6885mt6989mt6877nr15mt6853mt6980mt6875tmt6895mt6897mt6815mt6895tmt6879MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990
CWE ID-CWE-617
Reachable Assertion
CVE-2023-33044
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.69%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Data Modem

Transient DOS in Data modem while handling TLB control messages from the Network.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6431qcm8550_firmwarewsa8845_firmwaresd865_5gwsa8832sdx57m_firmwaresm6350sxr2130_firmwarewcd9370qca8081_firmwarear8035_firmwareqca6696sm7250-absm8475wcd9341_firmwaresm8250-ab_firmwarewcd9395_firmwareqcn6024sd888_firmwareqca6390qca6426wcn6740_firmwaresm7325-af_firmwarewsa8815_firmwaresm7325-ae_firmwaresm8250-abwsa8832_firmwareqca8337_firmwareqca8337sm7325qca6426_firmwarewcd9395qcm6490_firmwareqca6574au_firmwarewcn785x-5sm7250p_firmwaresm8350-ac_firmwarewcd9341qcm4490_firmwareqca6574auwcd9390wcn785x-5_firmwarewcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformwsa8845h_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_7c\+_gen_3_computesm4350_firmwaresm7350-ab_firmwarewcn3991sm8150-acsm6375_firmwareqcn6024_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7250psm8350sd888snapdragon_4_gen_2_mobile_platformsm6375wcn685x-5wcn6740sm7250-aa_firmware315_5g_iot_modem_firmwaresm8250-acsm8450_firmwaresm8250_firmwarewcd9385_firmware315_5g_iot_modemqca6421sm7225snapdragon_x55_5g_modem-rf_systemwcd9380wcd9360snapdragon_xr2_5g_platform_firmwareqcs4490snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qca6421_firmwaresm7350-absnapdragon_auto_5g_modem-rf_firmwaresm8350_firmwarewsa8810snapdragon_8\+_gen_2_mobile_platformsm4350-acsm8350-acvideo_collaboration_vc3_platformqca6595ausm7315_firmwaresm7325_firmwarewsa8840wcn3991_firmwaresd855qcs8550_firmwareqca6390_firmwareqca6431_firmwaresm7225_firmwaresm7315qca6698aq_firmwareqca6436_firmwarewcd9385qcs4490_firmwaresnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwarewcd9390_firmwaresm8250-ac_firmwarewcn6750wcn6750_firmwarewcd9370_firmwaresnapdragon_x70_modem-rf_system_firmwaresdx55_firmwaresnapdragon_auto_5g_modem-rfsnapdragon_x55_5g_modem-rf_system_firmwaresm7250-ab_firmwareqca6574asm7325-aesxr2130qcm4490sm4350sm7325pqcm6490wcn3998sm8150-ac_firmwaresm8550p_firmwarewcn3998_firmwareqcm8550wcn3988qcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemqcn9024sd855_firmwareqca6436sm7325-afwsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwaresm8250qca6696_firmwareqcn9024_firmwaresdx57mwsa8845hwcd9380_firmwaresm7250-aaqca8081wsa8815sm4375wsa8830sm8550psm4375_firmwarewcn785x-1_firmwarear8035qca6574a_firmwaresdx55sm6350_firmwarewcd9375_firmwareqca6391snapdragon_x70_modem-rf_systemwcn785x-1sm8475_firmwareqca6698aqwcn3950_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcs8550sm7250-acwcn685x-1sm7325p_firmwaresd865_5g_firmwarewcd9360_firmwarewcd9375wcn685x-5_firmwarewcn3988_firmwarevideo_collaboration_vc3_platform_firmwaresm4350-ac_firmwarewsa8835_firmwareqcs6490sm7250-ac_firmwarewsa8830_firmwarewcn685x-1_firmwareSnapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2023-33096
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.89%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Multi-Mode Call Processor

Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6431qcm8550_firmwarewsa8845_firmwaresd865_5gwsa8832snapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresdx57m_firmwaresxr2130_firmwarewcd9370qca8081_firmwaresnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwareqca6696snapdragon_778g\+_5g_mobilesnapdragon_x70_modem-rf_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024sd888_firmwareqcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilesnapdragon_782g_mobile_firmwarewsa8815_firmwarewsa8832_firmwareqca8337_firmwareqca8337qca6426_firmwarewcd9395sg8275p_firmwareqcm6490_firmwaresnapdragon_690_5g_mobile_firmwaresm7250p_firmwarewcd9341qcm4490_firmwarewcd9390snapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwarewsa8845h_firmwaresnapdragon_870_5g_mobile_firmwaresnapdragon_778g_5g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_690_5g_mobilefastconnect_6800_firmwaresnapdragon_778g\+_5g_mobile_firmwaresnapdragon_870_5g_mobileqcn6024_firmwaresm7250pqca6584auqcn6274_firmwaresd888qcc710snapdragon_xr2_5g_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmware315_5g_iot_modem_firmwarefastconnect_7800_firmwarefastconnect_6900snapdragon_865_5g_mobile_firmwareqep8111qfw7114wcd9385_firmware315_5g_iot_modemqca6421fastconnect_6900_firmwarewcd9380wcd9360snapdragon_xr2_5gsnapdragon_x65_5g_modem-rfqcs4490wsa8845qca6421_firmwaresnapdragon_auto_5g_modem-rf_firmwarewsa8810snapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformqca6595ausnapdragon_888_5g_mobilesnapdragon_4_gen_1_mobile_firmwaresm7315_firmwarewsa8840sd855qcs8550_firmwaresnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqca6431_firmwaresm7315snapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6698aq_firmwareqca6436_firmwaresnapdragon_4_gen_2_mobile_firmwaresnapdragon_888\+_5g_mobilewcd9385snapdragon_8_gen_1_mobilesnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobilesnapdragon_865\+_5g_mobileqep8111_firmwaresg8275psnapdragon_855\+_mobilewcd9370_firmwaresdx55_firmwaresnapdragon_765_5g_mobilesnapdragon_860_mobilesnapdragon_auto_5g_modem-rfqca6574asnapdragon_8\+_gen_2_mobilesxr2130qcm4490qca6174asnapdragon_x65_5g_modem-rf_firmwarewcd9340snapdragon_480\+_5g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwareqcm6490sm7325psm8550p_firmwareqcm8550wcn3988qcs6490_firmwaresnapdragon_765_5g_mobile_firmwareqcn9024qca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124snapdragon_x70_modem-rfwsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwaresnapdragon_855_mobile_firmwareqca6696_firmwareqcn9024_firmwaresdx57mwsa8845hwcd9380_firmwareqca8081wsa8815snapdragon_765g_5g_mobile_firmwarewsa8830sm8550psnapdragon_x75_5g_modem-rfsnapdragon_768g_5g_mobile_firmwarear8035qca6574a_firmwaresdx55snapdragon_4_gen_1_mobilesnapdragon_4_gen_2_mobilesnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwarewcd9375_firmwareqca6391qcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwareqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sm7325p_firmwaresd865_5g_firmwarewcd9360_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_765g_5g_mobilewcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwareqcs6490snapdragon_695_5g_mobilesnapdragon_8_gen_3_mobilesnapdragon_855_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragonqca6574a_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8832_firmwareqcs4490_firmwareqep8111_firmwareqca6431_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresdx57m_firmwareqca6696_firmwaresd888_firmwareqcn9024_firmwarewsa8835_firmwaresd855_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqca8337_firmwaresm7325p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqca6595au_firmwaresnapdragon_855_mobile_platform_firmwarewcd9390_firmwareqcm6490_firmwaresm8550p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs6490_firmwarefastconnect_6200_firmwarewcd9395_firmwareqcn6224_firmwaresnapdragon_888_5g_mobile_platform_firmwarewcd9375_firmwareqca6174a_firmwaresm7250p_firmwareqfw7124_firmwareqca6391_firmwaresm7315_firmwareqca6698aq_firmwaresnapdragon_x70_modem-rf_system_firmwareqca8081_firmwarefastconnect_6900_firmwarewcd9385_firmwarewcd9370_firmwarewsa8840_firmwaresxr2130_firmwarewcd9380_firmwareqca6584au_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewsa8810_firmwarefastconnect_7800_firmwarewcd9341_firmwarewsa8845h_firmwareqfw7114_firmwaresnapdragon_865_5g_mobile_platform_firmwareqcm8550_firmwarewsa8830_firmwarewcd9360_firmwaresg8275p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcn6024_firmwareqca6436_firmwareqcn6274_firmwareqcm4490_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3950_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewsa8815_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_690_5g_mobile_platform_firmwarewcd9340_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmware315_5g_iot_modem_firmwarefastconnect_6800_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwaresd865_5g_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6426_firmwareqcc710_firmwaresdx55_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6421_firmwarewcn6740_firmwareqcs8550_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2023-32843
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.19% / 77.98%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:46
Updated-29 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6813mt6895tmt6893mt2737mt6980dmt6815mt6897mt6875tnr15mt6879mt6880mt6886mt2735mt6890mt6853mt6889mt6895mt6989mt6297mt6990nr16mt6855mt6873mt6298mt6980mt6833mt6985mt6885mt6835mt6875mt6896mt6983nr17mt6877mt6883mt6891MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990
CWE ID-CWE-617
Reachable Assertion
CVE-2023-32846
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-4.20% / 88.28%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:46
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6896mt6855mt6990nr17mt6873mt6893mt2735mt6886mt6983mt6891mt6298nr16mt6883mt6980dmt6297mt6813mt6835mt6880mt6875mt6889mt2737mt6985mt6890mt6833mt6885mt6989mt6877nr15mt6853mt6980mt6875tmt6895mt6897mt6815mt6895tmt6879MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990
CWE ID-CWE-617
Reachable Assertion
CVE-2023-32845
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-2.17% / 83.64%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:46
Updated-28 Aug, 2024 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6896mt6855mt6990nr17mt6873mt6893mt2735mt6886mt6983mt6891mt6298nr16mt6883mt6980dmt6297mt6813mt6835mt6880mt6875mt6889mt2737mt6985mt6890mt6833mt6885mt6989mt6877nr15mt6853mt6980mt6875tmt6895mt6897mt6815mt6895tmt6879MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990mt6896mt6855mt6990mt6873mt6893mt2735mt6886mt6983mt6891mt6883mt6298mt6980dmt6297mt6813mt6835mt6880mt6875mt6889mt2737mt6985mt6890mt6833mt6885mt6989mt6877mt6853mt6980mt6875tmt6895mt6897mt6815mt6895tmt6879
CWE ID-CWE-617
Reachable Assertion
CVE-2023-32844
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-4.20% / 88.28%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:46
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6896mt6855mt6990nr17mt6873mt6893mt2735mt6886mt6983mt6891mt6298nr16mt6883mt6980dmt6297mt6813mt6835mt6880mt6875mt6889mt2737mt6985mt6890mt6833mt6885mt6989mt6877nr15mt6853mt6980mt6875tmt6895mt6897mt6815mt6895tmt6879MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990
CWE ID-CWE-617
Reachable Assertion
CVE-2023-33043
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.69%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Transient DOS in Modem when a Beam switch request is made with a non-configured BWP.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwarewsa8845_firmwaresm7315_firmwarewsa8832wsa8840wcn3991_firmwaresdx57m_firmwareqcs8550_firmwarewcd9370qca8081_firmwaresm7315ar8035_firmwaresm8475wsa8830_firmwarewcd9385wcd9395_firmwareqcn6024qcs4490_firmwaresd888_firmwaresnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwarewcn6740_firmwarewcd9390_firmwarewcn6750sm7325-af_firmwarewsa8815_firmwaresm7325-ae_firmwarewsa8832_firmwarewcn6750_firmwareqca8337_firmwarewcd9370_firmwareqca8337snapdragon_x70_modem-rf_system_firmwarewcd9395qcm6490_firmwaresm7325-aeqcm4490wcn785x-5sm8350-ac_firmwaresm4350qcm4490_firmwarewcd9390sm7325pwcn785x-5_firmwarewcn3950qcm6490wsa8810_firmwarewsa8845h_firmwarewcn3998sm8550p_firmwarewcn3998_firmwareqcm8550wcn3988qcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemqcn9024snapdragon_x65_5g_modem-rf_system_firmwaresm7325-afsnapdragon_7c\+_gen_3_computewsa8835wsa8840_firmwaresm4350_firmwaresm7350-ab_firmwareqca6391_firmwarewcn3991sm6375_firmwaresdx57mqcn9024_firmwareqcn6024_firmwarewsa8845hwcd9380_firmwaresnapdragon_4_gen_2_mobile_platform_firmwarewcn685x-1_firmwareqca8081wsa8815sm4375sm8350wsa8830sm8550psm4375_firmwaresd888snapdragon_4_gen_2_mobile_platformwcn785x-1_firmwaresm6375ar8035wcn685x-5wcn6740wcd9375_firmwaresm8450_firmwareqca6391snapdragon_x70_modem-rf_systemwcn785x-1sm8475_firmwarewcn3950_firmwarewcd9385_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcd9380qcs8550wcn685x-1sm7325p_firmwareqcs4490wcd9375wcn685x-5_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845wcn3988_firmwaresm7350-abvideo_collaboration_vc3_platform_firmwaresm4350-ac_firmwarewsa8835_firmwaresm8350_firmwarewsa8810qcs6490snapdragon_8\+_gen_2_mobile_platformsm4350-acsm8350-acvideo_collaboration_vc3_platformSnapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2023-32842
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-4.20% / 88.28%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:46
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6896mt6855mt6990nr17mt6873mt6893mt2735mt6886mt6983mt6891mt6298nr16mt6883mt6980dmt6297mt6813mt6835mt6880mt6875mt6889mt2737mt6985mt6890mt6833mt6885mt6989mt6877nr15mt6853mt6980mt6875tmt6895mt6897mt6815mt6895tmt6879MT2735, MT2737, MT6297, MT6298, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990
CWE ID-CWE-617
Reachable Assertion
CVE-2023-33095
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.89%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Multi-Mode Call Processor

Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6431qcm8550_firmwarewsa8845_firmwaresd865_5gwsa8832snapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresdx57m_firmwaresxr2130_firmwarewcd9370qca8081_firmwaresnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwareqca6696snapdragon_778g\+_5g_mobilesnapdragon_x70_modem-rf_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024sd888_firmwareqcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilesnapdragon_782g_mobile_firmwarewsa8815_firmwarewsa8832_firmwareqca8337_firmwareqca8337qca6426_firmwarewcd9395sg8275p_firmwareqcm6490_firmwaresnapdragon_690_5g_mobile_firmwaresm7250p_firmwarewcd9341qcm4490_firmwarewcd9390snapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwarewsa8845h_firmwaresnapdragon_870_5g_mobile_firmwaresnapdragon_778g_5g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_690_5g_mobilefastconnect_6800_firmwaresnapdragon_778g\+_5g_mobile_firmwaresnapdragon_870_5g_mobileqcn6024_firmwaresm7250pqca6584auqcn6274_firmwaresd888qcc710snapdragon_xr2_5g_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmware315_5g_iot_modem_firmwarefastconnect_7800_firmwarefastconnect_6900snapdragon_865_5g_mobile_firmwareqep8111qfw7114wcd9385_firmware315_5g_iot_modemqca6421fastconnect_6900_firmwarewcd9380wcd9360snapdragon_xr2_5gsnapdragon_x65_5g_modem-rfqcs4490wsa8845qca6421_firmwaresnapdragon_auto_5g_modem-rf_firmwarewsa8810snapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformqca6595ausnapdragon_888_5g_mobilesnapdragon_4_gen_1_mobile_firmwaresm7315_firmwarewsa8840sd855qcs8550_firmwaresnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqca6431_firmwaresm7315snapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6698aq_firmwareqca6436_firmwaresnapdragon_4_gen_2_mobile_firmwaresnapdragon_888\+_5g_mobilewcd9385snapdragon_8_gen_1_mobilesnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobilesnapdragon_865\+_5g_mobileqep8111_firmwaresg8275psnapdragon_855\+_mobilewcd9370_firmwaresdx55_firmwaresnapdragon_765_5g_mobilesnapdragon_860_mobilesnapdragon_auto_5g_modem-rfqca6574asnapdragon_8\+_gen_2_mobilesxr2130qcm4490qca6174asnapdragon_x65_5g_modem-rf_firmwarewcd9340snapdragon_480\+_5g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwareqcm6490sm7325psm8550p_firmwareqcm8550wcn3988qcs6490_firmwaresnapdragon_765_5g_mobile_firmwareqcn9024qca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124snapdragon_x70_modem-rfwsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwaresnapdragon_855_mobile_firmwareqca6696_firmwareqcn9024_firmwaresdx57mwsa8845hwcd9380_firmwareqca8081wsa8815snapdragon_765g_5g_mobile_firmwarewsa8830sm8550psnapdragon_x75_5g_modem-rfsnapdragon_768g_5g_mobile_firmwarear8035qca6574a_firmwaresdx55snapdragon_4_gen_1_mobilesnapdragon_4_gen_2_mobilesnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwarewcd9375_firmwareqca6391qcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwareqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sm7325p_firmwaresd865_5g_firmwarewcd9360_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_765g_5g_mobilewcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwareqcs6490snapdragon_695_5g_mobilesnapdragon_8_gen_3_mobilesnapdragon_855_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragonqca6574a_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8832_firmwareqcs4490_firmwareqep8111_firmwareqca6431_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresdx57m_firmwareqca6696_firmwaresd888_firmwareqcn9024_firmwarewsa8835_firmwaresd855_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqca8337_firmwaresm7325p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqca6595au_firmwaresnapdragon_855_mobile_platform_firmwarewcd9390_firmwareqcm6490_firmwaresm8550p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs6490_firmwarefastconnect_6200_firmwarewcd9395_firmwareqcn6224_firmwaresnapdragon_888_5g_mobile_platform_firmwarewcd9375_firmwareqca6174a_firmwaresm7250p_firmwareqfw7124_firmwareqca6391_firmwaresm7315_firmwareqca6698aq_firmwaresnapdragon_x70_modem-rf_system_firmwareqca8081_firmwarefastconnect_6900_firmwarewcd9385_firmwarewcd9370_firmwarewsa8840_firmwaresxr2130_firmwarewcd9380_firmwareqca6584au_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewsa8810_firmwarefastconnect_7800_firmwarewcd9341_firmwarewsa8845h_firmwareqfw7114_firmwaresnapdragon_865_5g_mobile_platform_firmwareqcm8550_firmwarewsa8830_firmwarewcd9360_firmwaresg8275p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcn6024_firmwareqca6436_firmwareqcn6274_firmwareqcm4490_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3950_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewsa8815_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_690_5g_mobile_platform_firmwarewcd9340_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmware315_5g_iot_modem_firmwarefastconnect_6800_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwaresd865_5g_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6426_firmwareqcc710_firmwaresdx55_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6421_firmwarewcn6740_firmwareqcs8550_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2023-33041
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.93%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in WLAN Firmware

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwarewsa8830qcn9070sxr2230p_firmwareqca8337qam8650pqfw7124ipq8173_firmwarewcn785x-5qam8775pqcf8001flight_rb5_5g_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386wsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn685x-1qrb5165n_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qca6554a_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqcn9011_firmwareqca8082_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114wsa8832_firmwarewsa8845h_firmwareqrb5165nipq5010qca6564au_firmwareqca6584auipq8070_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn9274ipq8174qrb5165m_firmwareipq5028qrb5165_firmwareqca6698aqqcn5052wsa8840_firmwareqca0000qcf8001_firmwareipq6010sc8380xp_firmwareqcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcn685x-1_firmwareimmersive_home_3210_platformqca8085_firmwareqam8775p_firmwareqca9888_firmwareqcn6122wcd9385qca6696_firmwareipq9008_firmwareipq9570qcn5154_firmwareqca6797aqar8035csr8811wcd9390qcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qca8072qca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574sxr1230p_firmwarewsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwareqcn6274wcd9380ipq9554_firmwareqcn5054_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024wcn685x-5_firmwareqca9889qcn6132_firmwaresxr1230pqca9888qca8072_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwarewcn3980wsa8845qcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwarepmp8074_firmwareqcn6112ipq8076sxr2230pwsa8845_firmwareqca6574a_firmwareqcn5021ipq6028qcn5152qcn9024pmp8074qrb5165mipq9574_firmwarewcn785x-5_firmwaresc8380xpwcn3980_firmwareimmersive_home_3210_platform_firmwareqca6391qcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwareqcn5054qcn9070_firmwareqrb5165snapdragon_x75_5g_modem-rf_system_firmwarewcn685x-5ipq8070ipq6028_firmwareipq8072a_firmwareqcn9011qca6797aq_firmwarewcn785x-1_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332_firmwareipq5332sm8550pimmersive_home_326_platformsnapdragon_ar2_gen_1_platformipq6018qcn5022qcn9013_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwarewcd9395qca6696qca6391_firmwareimmersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55qca8075qcn5021_firmwareqcn9022_firmwareqcn6024qcn9022qcc2076wcd9390_firmwareipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11280
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.69%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqca9986qpm6670_firmwareipq8070_firmwareipq8065ipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareipq8068qca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwaresmr545qca6696_firmwareqln5020wcd9371qca1062qcn5154_firmwarepmm855au_firmwaresm4350_firmwareqcn5501_firmwaresa8150ppm6350qdm5621ar7420_firmwareqtc800sqat3514_firmwareqca9992_firmwaresd660sd712pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwaresd8885gpm855l_firmwareqca6428_firmwareqca9985_firmwareqtc410sipq4018_firmwarewcn3991qca9980_firmwareqpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250qpa8803qca9985qcn9012_firmwaresdxr25g_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375ipq6028ipq8064pmp8074wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwareqcn5064_firmwarepme605ipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqcs603qca9896rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqln4640_firmwareqca9980qpm5621qcn9024_firmwareipq8174_firmwarepm8009_firmwareqpm6582qfs2580_firmwaresd670qcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm4250qca9886_firmwarear8031qpm5577wtr2965qca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qcn7606qpm5870qcn5500wsa8830pm660qca9561qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024qca9563_firmwarepmx24_firmwareqbt1500_firmwareqpm5870_firmwareqca9992qcs4290pmm855auqet6100qca6420_firmwaresmb1396pm7150asd675_firmwareipq8072pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410pm7250_firmwaresdr845_firmwareqdm5620qln1021aqipq8074asmb1380qca9982pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwareqcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwareqcn9074wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694qca7550qat3514wcd9326wcd9335qca9982_firmwarepm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375sm6250_firmwarepmm8195auqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresmr525_firmwarepm8998wtr3925_firmwareqpm8820_firmwareqln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwareqca9882pmx55_firmwareqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522qca9896_firmwareipq8065_firmwarepm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwareqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqca9886qcn5502_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareqpa5461sd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwareqca9531qpm5641_firmwareqca9889_firmwaresd710qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qcn5022sdr8250sd768gqca1064_firmwareqln1030_firmwarepm8004pm640lpmk8002qca8075qcn6024qcn9022sd845sdm830ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579sa6150p_firmwareqcs610qcn5550qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqca9561_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qcn5064csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518qca9987_firmwaresd8csdr425_firmwaresmr526_firmwareipq8076aqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqca7500qsm7250ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405rsw8577_firmwareqdm2308_firmwareqca6436wcn6851qcn3018_firmwaresa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341ipq8068_firmwareqdm4643_firmwareqca6431qet4100_firmwaresd750gqca9988_firmwarewcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qca9898ipq4028qet4100qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqca7500_firmwareqln4650sdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qca7550_firmwareqdm5671_firmwareqca6564auqet5100qpa8801_firmwareqtm527_firmwarewcn6856_firmwarepm8005_firmwareqcn5164qca9558qet4101_firmwarepm7250bqln4642_firmwareqca7520_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareqet4200aq_firmwareipq4019_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6320qca9986_firmwareqca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mipq8064_firmwarepm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070sd8655gqcn5502pm7150a_firmwarepm8150b_firmwareqca9887_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwareqca9880qcn5121_firmwaresd8885g_firmwarepm670qdm5677pm8005ipq6018pm855_firmwareqcn3018qdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qca9531_firmwareqat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030qca7520pm4125qcs2290_firmwarepmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqca9987qpm4621qcn9072qca9880_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686ipq8069_firmwareqca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwareqcn7605qpm5541qat5516qca9563sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhqca1064pm3003aqca6320_firmwareqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa515m_firmwareqca9990smb1398qcn5501sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673ipq4019qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qca9988qet6110qln5040qca8072qcm2290_firmwareqpm8895sdr845qpm5670wcn3990qcn9000qtm527ar9380_firmwarepmk8350qcn9012qca9558_firmwarepm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresm6250ppm855asdr660_firmwareipq4018qca6574asmb1390_firmwareqca9889qca6174aipq8074qca9994_firmwareqpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515mar7420wtr6955sd855sm4125_firmwaresd8cxipq8076wtr6955_firmwareqca9887pm640pqcn5021ipq8069qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640aqca9882_firmwaresdr8150smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqcn5500_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679ipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareqca9990_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwareipq4029sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2021-36691
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.06%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 19:53
Updated-04 Aug, 2024 | 01:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicous GIF file using cjxl, an attacker can trigger a denial of service.

Action-Not Available
Vendor-libjxl_projectn/a
Product-libjxln/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-32820
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.25%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 02:05
Updated-23 Sep, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt6873mt6893mt8675mt6886mt6983mt7902mt8666mt7663mt6891mt6883mt5221mt6853tmt7921mt8768mt8789mt6875mt8797mt6889mt8781mt8766mt8786mt6985mt8695mt6833mt6885mt8673yoctomt6877mt6781mt8365mt6853mt8518smt6895linux_kernelmt8168mt8798androidiot_yoctomt8791mt7668mt8532mt6879MT5221, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8168, MT8365, MT8518S, MT8532, MT8666, MT8673, MT8675, MT8695, MT8766, MT8768, MT8781, MT8786, MT8789, MT8791, MT8797, MT8798mt6855mt6873mt6893mt8675mt6886mt6983mt7902mt8666mt7663mt6891mt6883mt5221mt6853tmt7921mt8768mt8789mt6875mt8797mt6889mt8781mt8766mt8786mt6985mt8695mt6833mt6885mt8673mt6877mt6781mt8365mt6853mt8518smt6895mt8168mt8798androidmt8791mt7668mt8532mt6879
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-617
Reachable Assertion
CVE-2017-13750
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.64% / 81.17%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aFedora ProjectJasPer
Product-fedorajaspern/a
CWE ID-CWE-617
Reachable Assertion
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found