Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-12413

Summary
Assigner-libreswan
Assigner Org ID-d42dc95b-23f1-4e06-9076-20753a0fb0df
Published At-02 Jul, 2026 | 21:19
Updated At-02 Jul, 2026 | 21:19
Rejected At-
Credits

IKEv2 Denial of Service via malformed fragmentation

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown outer payloads but still store these in a fixed size array msg_digest.digest[PAYLIMIT]. An off-by-one error in the assertion PASSERT(logger, md->digest_roof < elemsof(md->digest)) causes the daemon to abort. No remote code execution is possible. Any configuration that allows IKEv2 connections that do not set fragmentation=no are vulnerable. IKEv1 is not affected.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:libreswan
Assigner Org ID:d42dc95b-23f1-4e06-9076-20753a0fb0df
Published At:02 Jul, 2026 | 21:19
Updated At:02 Jul, 2026 | 21:19
Rejected At:
â–¼CVE Numbering Authority (CNA)
IKEv2 Denial of Service via malformed fragmentation

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown outer payloads but still store these in a fixed size array msg_digest.digest[PAYLIMIT]. An off-by-one error in the assertion PASSERT(logger, md->digest_roof < elemsof(md->digest)) causes the daemon to abort. No remote code execution is possible. Any configuration that allows IKEv2 connections that do not set fragmentation=no are vulnerable. IKEv1 is not affected.

Affected Products
Vendor
The Libreswan Project
Product
libreswan
Default Status
unaffected
Versions
Affected
  • From 4.6 through 5.3 (semver)
Unaffected
  • 5.3.1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-193Off-by-one Error
CWECWE-617Reachable Assertion
Type: CWE
CWE ID: CWE-193
Description: Off-by-one Error
Type: CWE
CWE ID: CWE-617
Description: Reachable Assertion
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
vendorSeverity
value:
MEDIUM
description:
Vendor-assessed severity. The daemon automatically restarts after the crash, requiring continued exploitation for sustained denial of service.
Impacts
CAPEC IDDescription
Solutions

Upgrade to libreswan 5.3.1 or later. Patches for libreswan 4.15 and 5.3 are available at https://libreswan.org

Configurations

Workarounds

If fragmentation is not needed, fragmentation=no can be added to all IKEv2 configurations. If fragmentation is needed, no workaround is possible and the fix needs to be applied.

Exploits

Credits

finder
Hu Xinyao
Timeline
EventDate
Libreswan notified of the issue via security@libreswan.org2026-06-16 00:00:00
Advanced notice given to supported customers and distributions2026-06-16 00:00:00
Public announcement and release of libreswan 5.3.12026-06-24 00:00:00
Event: Libreswan notified of the issue via security@libreswan.org
Date: 2026-06-16 00:00:00
Event: Advanced notice given to supported customers and distributions
Date: 2026-06-16 00:00:00
Event: Public announcement and release of libreswan 5.3.1
Date: 2026-06-24 00:00:00
Replaced By

Rejected Reason

References
HyperlinkResource
https://libreswan.org/security/CVE-2026-12413/CVE-2026-12413.txt
N/A
https://libreswan.org/security/CVE-2026-12413/
N/A
Hyperlink: https://libreswan.org/security/CVE-2026-12413/CVE-2026-12413.txt
Resource: N/A
Hyperlink: https://libreswan.org/security/CVE-2026-12413/
Resource: N/A
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:d42dc95b-23f1-4e06-9076-20753a0fb0df
Published At:02 Jul, 2026 | 22:16
Updated At:02 Jul, 2026 | 22:16

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown outer payloads but still store these in a fixed size array msg_digest.digest[PAYLIMIT]. An off-by-one error in the assertion PASSERT(logger, md->digest_roof < elemsof(md->digest)) causes the daemon to abort. No remote code execution is possible. Any configuration that allows IKEv2 connections that do not set fragmentation=no are vulnerable. IKEv1 is not affected.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-193Secondaryd42dc95b-23f1-4e06-9076-20753a0fb0df
CWE-617Secondaryd42dc95b-23f1-4e06-9076-20753a0fb0df
CWE ID: CWE-193
Type: Secondary
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
CWE ID: CWE-617
Type: Secondary
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://libreswan.org/security/CVE-2026-12413/d42dc95b-23f1-4e06-9076-20753a0fb0df
N/A
https://libreswan.org/security/CVE-2026-12413/CVE-2026-12413.txtd42dc95b-23f1-4e06-9076-20753a0fb0df
N/A
Hyperlink: https://libreswan.org/security/CVE-2026-12413/
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
Resource: N/A
Hyperlink: https://libreswan.org/security/CVE-2026-12413/CVE-2026-12413.txt
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

314Records found

CVE-2020-23310
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.15% / 62.98%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 22:13
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at js-parser-statm.c:733 in parser_parse_function_statement in JerryScript 2.2.0.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11653
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.11% / 79.49%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 00:00
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.

Action-Not Available
Vendor-varnish-softwarevarnish-cachen/aDebian GNU/LinuxopenSUSE
Product-varnish_cachedebian_linuxbackports_sleleapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11296
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.60% / 44.10%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqpm5679_firmwarepmd9607_firmwareqca1023qfs2530qpm8870_firmwareqln1030pm6125mdm9645msm8992_firmwarewcn3950_firmwarepm8150aqdm5670qpm5541_firmwareqpa5581_firmwareqpa8821mdm8215qcs6125_firmwarepm456_firmwaresa415mwcn3998wcd9371_firmwarewcn3950mdm9206_firmwareqsw8573_firmwarewcn3660bqsm8350_firmwareqsm8350smb2351_firmwarepm855pwtr4605_firmwarepm6150aqca9367_firmwareipq8072_firmwaresa8155_firmwareipq8068qat3522qfe4455fcpmr735asdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020qca1062mdm8215_firmwarepmm855au_firmwaresd_8cxpmm8920ausa8150pqfe3340sd660sd712pm640p_firmwareqcn5121pm6150lpm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwareqca4531_firmwareqfe3335_firmwareqpa8801ipq8078qat5533_firmwareipq8173sdx55m_firmwareqpa8673_firmwaresd670_firmwareqfs2630pmm8996auqpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250wtr4905sdx24_firmwareqcn9012_firmwareqdm2301qca9890_firmwareqfe2101_firmwareqca6584_firmwareqdm5621_firmwareqpm6375sd_8c_firmwareipq6028ipq8064pmp8074qca1990wcn3980_firmwaresd730qfe3320_firmwarepm8008pm8350b_firmwaremdm9225pme605_firmwarepme605apq8064au_firmwaremdm9225mipq8078_firmwareqcn5054qln1021aq_firmwareqcs603qca6164_firmwareqln4640_firmwareqca9980qpm6582qcn9024_firmwareqcs610_firmwareapq8084_firmwareqca9886_firmwarear8031wtr2965qca6164qca6391_firmwarepmx20_firmwareqca4024qat3516_firmwareapq8053qcn5021_firmwareqca9379pm855bsmb2351qpa5581qfe1040_firmwarecsrb31024qca9563_firmwaremdm9628_firmwaremdm9650qbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmd9635_firmwareapq8009_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6426qca9984_firmwareqca9377qpm5641sdxr2_5g_firmwarewtr2955rgr7640au_firmwarepm7250_firmwareqdm5620ipq8074aqca9982qcn5122_firmwareqat5533qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584aupm855pm8250qcn5052mdm9235m_firmwaremdm9607_firmwaremdm9655_firmwareqfs2530_firmwaresa415m_firmwareqat3519_firmwareqpm5677qat5515qca9982_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620mdm9625sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8994ipq5010_firmwareipq8074a_firmwaremdm9625msd888_5g_firmwaresmr525_firmwarewsa8815_firmwareqpm8820_firmwareapq8017qpm6621_firmwaremdm9630_firmwarewtr2955_firmwareqbt1000_firmwarepm8019qca6595smb1398_firmwareqca9896_firmwareipq8065_firmwarepm8150cpmr735bsd665_firmwareqcn5154qpm5577_firmwareqdm5679_firmwareqca6310_firmwareapq8094_firmwarepm6150l_firmwaremdm9615qca6574_firmwaresd665pm6150a_firmwarepmd9607mdm9310wtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqipq6028_firmwareipq8072a_firmwareqca9889_firmwaresd710mdm9607mdm9645_firmwareqln1035bd_firmwaresdx20m_firmwareqca6564_firmwareqca1064_firmwaresmb1350_firmwarepmk8002apq8096au_firmwareqcn9022sdm830smb1357qpa5580pm8018_firmwareqpm5579qfe2550qcn5550qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareipq8078asa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwareqln1020csra6640_firmwarepmc1000hqat3518smr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqca4020qca6428qdm5652qcn5164_firmwareipq8071sa6155_firmwarewcd9360sdx20mqca6438_firmwareqpa8675_firmwarewtr1625lqpa5460_firmwarewcn3999qsm7250pm8996ipq4029_firmwareipq6010sd662_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareipq8068_firmwarepmi8952mdm9655qca6431wcn3910_firmwareqfe1922sd855_firmwareqdm5650qfe2080fcsdr052sa8195p_firmwaresmb1390qca9898ipq4028qpa8686_firmwarewcd9380_firmwareqca7500_firmwarewgr7640csr6030qat5568qdm5671_firmwareqpa8801_firmwareqtm527_firmwarepm8005_firmwareqca9558pm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareipq4019_firmwaresmb358sar8151smr526qca8072_firmwareqca6174pmk8003qca6430_firmwareqtc801s_firmwareqat3522_firmwarewcn3980qsw8573qcs605qbt1000mdm9225_firmwaresd7cwcn3910qca6426_firmwarepm8350_firmwarepm8009ipq8064_firmwareqat3518_firmwaresd821_firmwarepmi8998qfe2520ar8031_firmwarepm855lpmd9635pm8150b_firmwaresd_636_firmwaresmr545_firmwareqca9880pm670sd210_firmwarepm8005qdm2302sdxr1apq8096auqcs405_firmwarepmi8996_firmwareqln4650_firmwareqet5100mqca9378a_firmwarepm8952qca9531_firmwareqat3516qpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcqcn9070pmi632qca9378pm8350bh_firmwarepmr735b_firmwaresmb1360_firmwareqca9880_firmwarepm670l_firmwaresdr660gqfe2340ipq8069_firmwaresd730_firmwarewcd9370sdr425qcn9000_firmwareipq5018qca9369ar8151_firmwaresd_8cx_firmwareqpm5541qat5516qcn5124_firmwarepm8350bhqca6320_firmwarewcn3680b_firmwareqca6595auipq5010qdm2305sa6155p_firmwareqca6310pm8937qpm2630qca9990sdxr2_5gsmb1398msm8994_firmwaresa6145p_firmwaresdr675ipq8071aipq8071a_firmwarewcd9385qat3550_firmwareqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwarepm8952_firmwaresd820smb1396_firmwarecsr6030_firmwaresmr546pmx24qfe1055qca8072qln5040qpm8895sdr845qtm527qfe3440fc_firmwarepmk8350qca9558_firmwaremsm8996aupm8994_firmwareqfe1035qpm5657_firmwaresd888_5gsm6250pqln1035bdpm855asdr660_firmwarepm8909_firmwareipq4018qca6574aqpm4640mdm9635mqet5100m_firmwareipq8076_firmwareqpm4650sa515mipq8076qfe1922_firmwareqca9887qca9378_firmwaresdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaremdm9626pm660asdx50mpm640apm8916qdm4650ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310qcm6125qpm2630_firmwaresmb231_firmwareqdm2308qat3550wcn6856sd835_firmwareqtc800s_firmwaresa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareqpm4621_firmwareqca9896ipq4029sd850qln4640qfs2580mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqfe4455fc_firmwareqca8337ar9380ipq8173_firmwareqfs2608_firmwareqpa8688qcn5124qat5522_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155pm7150lpm8998_firmwaresd_455_firmwareapq8076wtr5975_firmwareqpa5580_firmwareqcn6024_firmwaresd720gsm4125wtr1605pmm8920au_firmwareqsw8574_firmwaresd460_firmwaremdm9230_firmwarepm8953_firmwareqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareqca6420apq8053_firmwareqpm6670_firmwareipq8070_firmwareipq8065ipq8078a_firmwarepm660_firmwarepm8150bqca0000qfe2101qca6430wcd9340mdm9625_firmwaresmb1358qca9888_firmwarewcd9371smb1350qfe1055_firmwareqcn5154_firmwaresm4350_firmwarewtr3950pm6350qdm5621qtc800sqat3514_firmwaremdm9330_firmwareqca9992_firmwaresd865_5g_firmwaresd660_firmwareqcn5022_firmwareqcn7606_firmwareqat5516_firmwarewcn3991qca9980_firmwarepm8150l_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qcs410qfe3100_firmwareqca9379_firmwareqpa8803pmd9645ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm2301_firmwaremdm9215_firmwaresd835pm660l_firmwarepm6250_firmwareqtm525_firmwareqcn5064_firmwareqca9890qpm5621_firmwareqca6234rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqpm5621sd670ipq8174_firmwarepm8009_firmwareqfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwarepm4250qca1023_firmwareqpm5577sdm630_firmwaresd820_firmwarepm8150wcd9370_firmwaresdx55csra6640qat3555_firmwarepmi8994qpa8803_firmwareqca6234_firmwareqln1031qcn7606qpm5870pm8909qfe1040wsa8830pm660qca9561qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qfe2340_firmwaresd_636pmx24_firmwareqca9378aqca9992pmm855aumdm9250qca6420_firmwaresmb1396pm7150apm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwarewcn3990_firmwareqca4531wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareapq8094qsw6310_firmwaresa8155qca6584qdm4650_firmwareqln1031_firmwarepmm6155au_firmwaresdx55_firmwarewcn3615qfe1952qpm4641qat5515_firmwareipq8174qpm8830_firmwareqca9367qfe2082fc_firmwareapq8092sdm630qdm4643wcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwaresa8195psdr735_firmwarepm8953qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqpm4630qca6390qca9898_firmwarewcd9375msm8976sc8180x\+sdx55_firmwareqpm5677_firmwareapq8092_firmwaresdx20_firmwarewtr3925_firmwarepm8998qln1020_firmwaremdm9235mpm670a_firmwareqcm6125_firmwareqca9882wtr1625l_firmwarepmx55_firmwaresd865_5gpm8150_firmwareqpm8830pmm8996au_firmwareqat5522qca9369_firmwareqpa4360pmk8003_firmwareqca8075_firmwareqpa4361ipq6005_firmwaremdm9206qpm4640_firmwarewcn6855_firmwarepm8350csmr525qca9888ipq8070a_firmwarepmr525pm8150a_firmwarewtr3950_firmwareqca9886qln1036aq_firmwarepm6150_firmwareqca6175asd765wtr3925lpmx20qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcpm670_firmwareqtc801smdm9626_firmwareqca9531qpm5641_firmwareqfe3320qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50pm8018qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepm8004pm640lqca8075qcn6024sd845mdm9615_firmwareipq6000_firmwareqcs410_firmwaremdm9330qca6175a_firmwaresa6150p_firmwareqcs610pmi8996qpm5620_firmwareqfe1045qca9561_firmwareqca4024_firmwarepm855a_firmwareqtc800hqcs2290qca6335qcs605_firmwaresd_675_firmwaresmr546_firmwarewtr3905qdm5671qfe2330qpm4650_firmwaresdr425_firmwaremdm9628qpa5460qdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000pmx50_firmwarewhs9410_firmwaresdr735gqdm3301_firmwareqca7500qcs6125smb1360qcs405qca1990_firmwareqfe3440fcrsw8577_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwarepm8937_firmwareqet4100_firmwaresd750gqpm5657wtr1605_firmwareqpm5875_firmwarewsa8830_firmwarewcn3988qca6438wtr3925qet4100wcn3610mdm9640ipq5018_firmwareqpm6585qca8337_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330ipq8076a_firmwareqet5100mdm9225m_firmwareqca6564auwcn6856_firmwareqcn5164pm8994qet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmb358s_firmwarewtr5975wcd9335_firmwareqcn5052_firmwareqca6335_firmwareqca6320mdm9650_firmwarewcn3660b_firmwareqca9984qcn9024qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwarepm670aqca6421_firmwarewtr3905_firmwareqsw8574wcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwareqca9887_firmwarewtr3925l_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwarepmd9645_firmwareqcn5121_firmwareqdm5677ipq6018pm855_firmwarepmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqpm5875sa8155psd675wtr4605qet4101pm670lqfe2330_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarecsra6620qet5100_firmwareqfe1100_firmwareqpm4621qcn9072qet6100_firmwaresd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareipq6000qca6174_firmwareqcn5152_firmwareqca0000_firmwarepmr525_firmwareqca6584au_firmwareapq8076_firmwareqfe3340_firmwarepmi632_firmwareqcn7605qca9563sd662qpa8821_firmwareqfe1952_firmwaresdr660g_firmwareqca1064pm3003awcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqpm8820qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821msm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qfe1100sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwareqpm6325_firmwareqdm2302_firmwarepmm8155aucsr8811qpa8673ipq4019sd210wcn6850_firmwarewsa8835_firmwareqca6564aqet6110pmi8952_firmwareqcm2290_firmwaremdm9635m_firmwareqpm5670wcn3990qcn9000sd_675mdm9625m_firmwarear9380_firmwaresdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835rgr7640aupm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074qca9994_firmwarepm8956_firmwareqtm525wtr6955qfe3335sd855sm4125_firmwarewtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresmb1351smb1357_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwareqpa4340qfe1035_firmwareqcm4290qca9882_firmwaresdr8150sdx20smb1395_firmwaremdm9215sd_455pmd9655wcd9341_firmwarewsa8810qtc410s_firmwareqat5568_firmwarewtr4905_firmwareqdm5679sd_8cwcn3680bipq6010_firmwarepm3003a_firmwareqca6696sm4350sd845_firmwaresmb1381_firmwareqpa2625qca9990_firmwareipq8071_firmwareqcn9074_firmwarepm8956pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11218
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.48%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwareqca8337qfs2530qpm8870_firmwarepm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwarepm7150lqpa8821pm8998_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwarepm855pqca6420apq8053_firmwarepm6150apm660_firmwarepm8150bsa8155_firmwareqfe2101qca6430qat3522pmr735awcd9340sd765gsdr660sdr865qdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresd_8cxqfe3340qdm5621qtc800ssd865_5g_firmwaresd712pm640p_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwaresd632_firmwareqpa8842sdr052_firmwarewcd9380qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwarepm7250qpa8803sdx24_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwarewcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwarepm4250qpm5577wtr2965sa2150pqca6391_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwareqpa8803_firmwarewcn3660pm855bsmb2351qln1031pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500csrb31024pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqcs4290pmm855auqca6420_firmwarepm7150asd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwarewcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarepm8940qsm7250_firmwarepm7150l_firmwareqca6584auqat5515_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qpm5677wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqca6390wcd9375aqt1000sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qcm6125_firmwarepmx55_firmwarewtr2955_firmwareqfe4373fc_firmwaresd865_5gpm8150_firmwareqpm8830qat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361qpm5577_firmwareqdm5679_firmwaresmr525qfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqat3555wtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801ssc8180x_firmwaresd710pm8008_firmwarepmr735a_firmwarepmx50sdr8250sd768gpm8004pm640lmsm8940pmk8002sd845qcs410_firmwareqpa5580qpm5579fsm10055qfe2550qcs610qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290msm8917qcs605_firmwaresd_675_firmwareqdm5671pmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwarepm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000wcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwarepm8940_firmwareqdm3301_firmwareqsm7250qcs6125sd662_firmwareqdm2308_firmwareqca6436qcs603_firmwareqpa6560sdr675_firmwarewcn3660_firmwarewcd9341pmi8952pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052smb1390qet4100qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650wgr7640qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwaresmb1351_firmwaresdx50m_firmwaresmb1395pm660lsmr526qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqsw8573qcs605wcn3910qca6426_firmwarewcn3660b_firmwareqfe4309pm8009qpa8675sdr051_firmwaresdx55mqca6421_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574pm855lqdm5670_firmwarepm7150a_firmwarepm8150b_firmwareqfe4302pmc1000h_firmwareqdm2310_firmwarepm4250_firmwaresd870pm670qdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwaresd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qet5100_firmwareqpa5373pm670l_firmwaresdr660gsd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwarepm3003awcn3680b_firmwareqca6595auqca6436_firmwaresmb1354qca6564au_firmwareqdm2305qpm8820pm8937qln5020_firmwaresa515m_firmwaresdxr2_5gsdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarear8035qpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqfe4302_firmwarewcn6850_firmwarepmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527sdx24qdm2307_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca6174aqfe4303_firmwarewcn6750qet5100m_firmwareqpm4650qtm525sa515msa2150p_firmwaresd855sm4125_firmwareqfe4305pm640psd768g_firmwaresdr865_firmwarepm8250_firmwarepm6250sd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwaremsm8920qpm8895_firmwareqcm4290sdx50mpm640asdr8150msm8920_firmwaresmb1395_firmwareqca6574ausa8155p_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqdm2308qat3550qdm5679sd_8cwcn3680bpm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sm7250psd720g_firmwareqln4640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11135
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.19%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, Kamorta, MSM8917, MSM8953, Nicobar, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcm2150_firmwaremsm8953sdm450sdm636_firmwaresdm632_firmwareapq8098_firmwaresdm450_firmwaresdm632qcm2150sdm660sdm439sdm630sm8250_firmwaresdm429sm7150_firmwaresa8155p_firmwareqm215sdm710sm6150sdm710_firmwaresm7150msm8917sa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwaresdm439_firmwaresdm636rennellsdm630_firmwareapq8098rennell_firmwareqm215_firmwareqcs605msm8953_firmwaresa8155psaipan_firmwaresm6150_firmwaremsm8917_firmwaresdm429_firmwaresm8250sm8150sxr1130_firmwarekamortanicobar_firmwaresaipansxr1130sdm660_firmwarenicobarSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11278
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.60% / 44.63%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqca8337ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwareipq8070_firmwareipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwaresmr545qca6696_firmwareqln5020wcd9371qca1062qcn5154_firmwarepmm855au_firmwaresm4350_firmwaresa8150ppm6350qdm5621qtc800sqat3514_firmwaresd660sd712pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwaresd8885gpm855l_firmwareqca6428_firmwareqtc410swcn3991qpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250qpa8803qcn9012_firmwaresdxr25g_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375ipq6028pmp8074wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwareqcn5064_firmwarepme605ipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582qcn9024_firmwareipq8174_firmwarepm8009_firmwaresd670qfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm4250ar8031qpm5577wtr2965sdm630_firmwareqca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qcn7606qpm5870wsa8830pm660qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024pmx24_firmwareqbt1500_firmwareqpm5870_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1396pm7150asd675_firmwareipq8072pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410pm7250_firmwaresdr845_firmwareqdm5620qln1021aqipq8074asmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwareqcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052sdm630qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwareqcn9074wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresmr525_firmwarepm8998wtr3925_firmwareqpm8820_firmwareqln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwareqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwaresc8180xqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555qpa5461sd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqpm5641_firmwareqca9889_firmwaresd710qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qcn5022sdr8250sd768gqca1064_firmwareqln1030_firmwarepm8004pm640lpmk8002qca8075qcn6024qcn9022sd845sd455_firmwaresdm830ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579sa6150p_firmwareqcs610qcn5550qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qcn5064csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd8csdr425_firmwaresmr526_firmwareipq8076aqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqsm7250qcs6125ipq6010sd662_firmwareqcs405rsw8577_firmwareqdm2308_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwareqca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqln4650sdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwaresd636wcn6856_firmwarepm8005_firmwareqcn5164qet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mpm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070sd8655gpm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwareqcn5121_firmwaresd8885g_firmwarepm670qdm5677pm8005ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qcn9072qet6100_firmwarepm670l_firmwaresdr660gsd455sd765g_firmwareqpa8686qca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwareqcn7605qpm5541qat5516sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhqca1064pm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa515m_firmwaresmb1398sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qet6110qln5040qca8072qcm2290_firmwareqpm8895sdr845qpm5670wcn3990qcn9000qtm527pmk8350qcn9012pm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca9889ipq8074qpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515mwtr6955sd855sm4125_firmwaresd8cxipq8076wtr6955_firmwarepm640pqcn5021qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640asdr8150smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679ipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwaresd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-617
Reachable Assertion
CVE-2020-11274
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.12%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to assert to the invalid configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwarefsm10055qpm5679_firmwaresm6250p_firmwareqcs610qpm5620_firmwareqca8337qdm2307qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarepm855a_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qtc800hqdm5670sdr8250_firmwareqca6595au_firmwareqpa5581_firmwarepm7150lqpa8821pm8998_firmwareqdm5671pmc1000hqpm4650_firmwareqcs6125_firmwareqat3518sd8cpm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwaresmr526_firmwarewcn3950sd720gpm640a_firmwareqsw8573_firmwareqdm2305_firmwareqpm5670_firmwareqsw8574_firmwaresmb2351_firmwareqdm5652sd6905gqpa4360_firmwareqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420wcd9360pm6150aqpm6670_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250qcs6125sa8155_firmwareqca6430qat3522pmr735awcd9340sd765gqdm2308_firmwarefsm10056_firmwaresdr660qca6436wcn6851qpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341qdm4643_firmwareqca6431qca6696_firmwareqln5020wcd9371sd870_firmwareqet4100_firmwaresd750gpmm855au_firmwarewcn3910_firmwareqpm5657pm6350qdm5621qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988pm640p_firmwaresdr052smb1390qat5516_firmwarepm6150lsd8885gpm855l_firmwareqet4100qpa8686_firmwareqpm6585qtc410swcn3991qca8337_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwareqat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarewcn6856_firmwarepm8005_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwareqln4640qcs410smb1380_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735pm7250smb1395qpa8803sdx24_firmwaresmr526qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwaresdxr25g_firmwareqdm2301qsw8573wcd9340_firmwarewsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwarepm8009wcn3980_firmwareqpa8675sd730sdr051_firmwaresdx55mpm6250_firmwareqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwaresd678_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwareqln4640_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582pmc1000h_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd480sd870wcn6855sd8885g_firmwarepm8150lpmi8998_firmwareqcs610_firmwareqdm5677pm8005pm855_firmwareqdm2302pmx60_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarepm640l_firmwarepm8150wcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msa8155psd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bsmb2351qln1031qpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830sd678sdr051qet6110_firmwareqln5030pm6125_firmwareqbt1500fsm10056qpa5581pmi632qpa2625_firmwarepm456csrb31024pm8350bh_firmwarepmr735b_firmwarepmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqet5100_firmwareqpm4621qet6100_firmwareqet6100pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwarepmr525_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377qpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwarewhs9410qat5516pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380qpa8821_firmwarepm8350bhpmk8002_firmwareqsw6310_firmwarepm3003asa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwareqca6436_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6564au_firmwareqca6584auqdm2305qpm8820qpm4641qat5515_firmwareqln5020_firmwaresa515m_firmwarepm855qpm8830_firmwarepm8250smb1398qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwarewcn3988_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwarepm8004_firmwareqca6174a_firmwaresdr8150_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqpm5620qat3550_firmwareqln5040_firmwareqpm4630qca6390wcd9375sd750g_firmwareaqt1000qpa8673sc8180x\+sdx55_firmwaresm6250_firmwareqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarepm8998wcn6850_firmwarewsa8835_firmwareqpm8820_firmwareqpm6621_firmwarepmx24qcm6125_firmwareqet6110qln5040qpm8895sdr845qpm5670wcn3990pmx55_firmwareqtm527pmk8350pm8150_firmwaresdx24smb1398_firmwareqpm8830pm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bsd665_firmwareqpm5657_firmwaresm6250pqpa4360pm855apmk8003_firmwaresdr660_firmwareqpa4361qca6574aqpm4640_firmwarewcn6855_firmwaresmb1390_firmwareqdm5679_firmwareqca6174apm8350csmr525qpm4640pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525sa515mqln1036aq_firmwaresd855sd8cxsd665pm6150a_firmwarepm6150_firmwaresd765pm640pqca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwarepmx60qca6391sd8cx_firmwaresmb1351qpa5461aqt1000_firmwaresd8c_firmwareqpm8895_firmwarecsrb31024_firmwaresdx50mpm640aqfs2608sdr8150sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqdm4650qca6574auqpm5641_firmwaresa8155p_firmwareqsw6310pm8008_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125qpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwareqdm2308pmx50qat3550wcn6856qdm5679sdr8250sd768gpm3003a_firmwareqca6696smb1381_firmwaresd845_firmwarepm8004pm640lpmk8002qpa2625sd845sm7250psd720g_firmwareqpm4621_firmwareqcs410_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2006-4095
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.55% / 95.75%
||
7 Day CHG~0.00%
Published-06 Sep, 2006 | 00:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Action-Not Available
Vendor-n/aCanonical Ltd.Apple Inc.Internet Systems Consortium, Inc.
Product-bindmac_os_xubuntu_linuxmac_os_x_servern/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6476
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-2.88% / 85.16%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 19:17
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
An error in QNAME minimization code can cause BIND to exit with an assertion failure

A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6469
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-1.95% / 77.73%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 14:17
Updated-17 Sep, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIND Supported Preview Edition can exit with an assertion failure if ECS is in use

An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9 Supported Preview Edition
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6467
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-5.42% / 91.72%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 14:17
Updated-17 Sep, 2024 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6468
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.3||MEDIUM
EPSS-2.54% / 83.05%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 14:17
Updated-16 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9 Supported Preview Edition
CWE ID-CWE-617
Reachable Assertion
CVE-2019-25037
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.13% / 79.69%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 05:17
Updated-19 Nov, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

Action-Not Available
Vendor-nlnetlabsn/aDebian GNU/Linux
Product-unbounddebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-25036
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.99% / 78.21%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 05:17
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

Action-Not Available
Vendor-nlnetlabsn/aDebian GNU/Linux
Product-unbounddebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • Next
Details not found