Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-41584

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-08 May, 2026 | 15:05
Updated At-08 May, 2026 | 16:04
Rejected At-
Credits

ZEBRA: rk Identity Point Panic in Transaction Verification

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the identity (a "zero" value), however, the orchard crate which is used to verify Orchard proofs would panic when fed a rk with the identity value. Thus an attacker could send a crafted transaction that would make a Zebra node crash. This issue has been patched in zebrad version 4.3.1 and zebra-chain version 6.0.2.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:08 May, 2026 | 15:05
Updated At:08 May, 2026 | 16:04
Rejected At:
â–¼CVE Numbering Authority (CNA)
ZEBRA: rk Identity Point Panic in Transaction Verification

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the identity (a "zero" value), however, the orchard crate which is used to verify Orchard proofs would panic when fed a rk with the identity value. Thus an attacker could send a crafted transaction that would make a Zebra node crash. This issue has been patched in zebrad version 4.3.1 and zebra-chain version 6.0.2.

Affected Products
Vendor
ZcashFoundation
Product
zebra
Versions
Affected
  • zebra-chain < 6.0.2
  • zebrad < 4.3.1
Problem Types
TypeCWE IDDescription
CWECWE-617CWE-617: Reachable Assertion
Type: CWE
CWE ID: CWE-617
Description: CWE-617: Reachable Assertion
Metrics
VersionBase scoreBase severityVector
4.09.2CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
Version: 4.0
Base score: 9.2
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-452v-w3gx-72wg
x_refsource_CONFIRM
Hyperlink: https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-452v-w3gx-72wg
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:08 May, 2026 | 15:16
Updated At:08 May, 2026 | 18:21

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the identity (a "zero" value), however, the orchard crate which is used to verify Orchard proofs would panic when fed a rk with the identity value. Thus an attacker could send a crafted transaction that would make a Zebra node crash. This issue has been patched in zebrad version 4.3.1 and zebra-chain version 6.0.2.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.2CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 4.0
Base score: 9.2
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
zfnd
zfnd
>>zebra-chain>>Versions before 6.0.2(exclusive)
cpe:2.3:a:zfnd:zebra-chain:*:*:*:*:*:rust:*:*
zfnd
zfnd
>>zebrad>>Versions before 4.3.1(exclusive)
cpe:2.3:a:zfnd:zebrad:*:*:*:*:*:rust:*:*
Weaknesses
CWE IDTypeSource
CWE-617Primarysecurity-advisories@github.com
CWE ID: CWE-617
Type: Primary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-452v-w3gx-72wgsecurity-advisories@github.com
Vendor Advisory
Hyperlink: https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-452v-w3gx-72wg
Source: security-advisories@github.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

277Records found
CVE-2023-27783
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.76% / 82.71%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-tcpreplayn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-33254
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.23%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in Modem

Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830qca8337qca6431_firmwaresnapdragon_4_gen_1_firmwaresdx65sd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6426wcn3998wcd9385_firmwaresdxr2_5g_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwarewcn7850qca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareqca6436_firmwaresd778gsa515m_firmwareqcs6490wcn7851sdxr2_5gwcn3988_firmwareqca6421sd778g_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851qca8081wcn7851_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwaresdx70m_firmwareqca6390ar8035sd750g_firmwareaqt1000wcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_4_gen_1qcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315sm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835qcx315_firmwarewcd9380sd888_5gqca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pwcn6750sa515msd855wsa8815sm7325p_firmwarewcn6850sdx57m_firmwaresd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwareqcn9024qca6391sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwareqcm6490_firmwaresdx50msd480_firmwarewcn6851_firmwareqca6574auqcn9024_firmwaresdx57mwcd9341_firmwaresd480sd870wsa8810wcn6855wcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55qcn6024sdx70msm7250par8035_firmwareSnapdragonwcn3991_firmwareqca8337_firmwarewcd9380_firmwareqca6431_firmwaresdx55m_firmwarewcn6856_firmwaresnapdragon_4_gen_1_firmwareqcx315_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5g_firmwaresdx50m_firmwarewcn6855_firmwarewcd9385_firmwaresdxr2_5g_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwaresm7325p_firmwaresdx57m_firmwareqca6426_firmwareqca6574a_firmwareqca6574au_firmwaresd768g_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqca6436_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresa515m_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwaresd778g_firmwareqcn9024_firmwarewsa8810_firmwarewcd9341_firmwaresd765_firmwarewcn7851_firmwaresd695_firmwareqca6696_firmwareqcs6490_firmwaresd870_firmwaresdx70m_firmwareqca6391_firmwaresd750g_firmwaresd780g_firmwarewcd9370_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwaresd888_5g_firmwarewsa8835_firmwarewcn6850_firmwarewcn7850_firmwarewcn6750_firmwarear8035_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25691
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.06%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqca8081_firmwarewsa8835wcn3998qcn6024_firmwareqca8337_firmwarewsa8810_firmwarewsa8815_firmwaresd695_firmwarewcd9380wcn7850wcd9385wcn7850_firmwaresd695sdx65wcd9385_firmwaresd480_firmwaresm4375wcd9375qca8081wcd9375_firmwarear8035_firmwarewsa8810wcn6856_firmwarewsa8830wcn6856wsa8815sm8475wcn3988wsa8835_firmwaresd480sm4375_firmwarewcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024wcn3998_firmwarewcn6855wcn3988_firmwarewcd9370_firmwarewcn7851sdx65_firmwareqcn6024wsa8830_firmwarewcd9370qca8337sd_8_gen1_5g_firmwareSnapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2022-24777
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.33% / 56.26%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 16:35
Updated-23 Apr, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service via reachable assertion in grpc-swift

grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This is due to incorrect logic when handling GOAWAY frames. The attack is low-effort: it takes very little resources to construct and send the required sequence of frames. The impact on availability is high as the server will crash, dropping all in flight connections and requests. This issue is fixed in version 1.7.2. There are currently no known workarounds.

Action-Not Available
Vendor-grpcThe Linux Foundation
Product-grpc_swiftgrpc-swift
CWE ID-CWE-617
Reachable Assertion
CVE-2022-32082
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.18% / 38.63%
||
7 Day CHG~0.00%
Published-01 Jul, 2022 | 00:00
Updated-03 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc.

Action-Not Available
Vendor-n/aMariaDB FoundationFedora Project
Product-mariadbfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-46705
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.06% / 17.04%
||
7 Day CHG~0.00%
Published-05 Nov, 2025 | 14:56
Updated-07 Nov, 2025 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr&#39;ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML assertion response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

Action-Not Available
Vendor-entrouvertEntr'ouvert
Product-lassoLasso
CWE ID-CWE-617
Reachable Assertion
CVE-2022-22060
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.04%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Assertion occurs while processing Reconfiguration message due to improper validation

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sm7325-ae_firmware315_5g_iot_modem_firmwareqca8337wcn785x-5qca6431_firmwarewcd9360_firmwaresm7250-ac_firmwareqca6595au_firmwareqca6390_firmwaresm8350wcd9370qca6426wcn685x-1sm7350-ab_firmwaresm8450sm4375wcn3998sm8250-abwcd9385_firmwareqcn6024_firmwaresm6375_firmwaresm7325-afsm7315_firmwaresm7325-aesnapdragon_x55_5g_modem-rf_systemqca6574au_firmwaresdx55_firmwareqca6595auwcn3998_firmwareqca8081_firmwaresm7325-af_firmwaresm7250p_firmwarewcd9375_firmwarewcd9360qca6436_firmwaresm4350-acsnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcs6490qca6698aqsm8250_firmwaresm7250-ab_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemqca6421sm7250-aawsa8810_firmwaresm4375_firmwaresm8450_firmwareqca6436qca8081qca6698aq_firmwarewcn685x-1_firmwarewcd9385sm8150_firmwaresxr2130_firmwarewcd9341qca6431qca6696_firmwareqcs6490_firmwareqca6390ar8035sm4350_firmwarewcd9375sm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresm7225_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqcm6490sm8150wcn3988wsa8815_firmwarewsa8835_firmwaresm7350-absm8475wcn6750_firmwarewcn785x-1sm6375wcn3991qca8337_firmwarewcd9380_firmwaresd865_5gsm8350-ac_firmwaresm8150-acsd888wsa8835snapdragon_7c\+_gen_3_computesnapdragon_auto_5g_modem-rfwcd9380sxr2130qca6574awcn685x-5_firmwaresm7325psm7325wcn6750sm7225sm7250-absd855wsa8815sm7325p_firmwaresdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca6574a_firmwareqcn9024wcn785x-5_firmwaresm7315sm8250-ab_firmwareqca6391snapdragon_x55_5g_modem-rf_system_firmwareqca6421_firmwaresm6350sm8475_firmwarewcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemqcm6490_firmwaresm8350_firmwarewcn685x-5sm6350_firmwarewcn785x-1_firmwareqca6574auqcn9024_firmwaresdx57mwcd9341_firmwarewsa8810sm7250-aa_firmwaresm7250-acsm8150-ac_firmwaresm8350-acwcn6740qca6696qca6391_firmwaresm4350wcd9370_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresm8250qcn6024sm7250par8035_firmwaresm7325_firmwareSnapdragonwcn6740_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca8337_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platform_firmwarewcd9380_firmware315_5g_iot_modem_firmwareqcm6490_firmwarewsa8835_firmwareqca6431_firmwarefastconnect_6900_firmwarewcd9360_firmwarewcn3988_firmwarefastconnect_6700_firmwareqcn9024_firmwarewsa8810_firmwaresnapdragon_888_5g_mobile_platform_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwaresnapdragon_480_5g_mobile_platform_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareqca6391_firmwarewcd9385_firmwareqcn6024_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresd888_firmwaresm7325p_firmwarewsa8830_firmwaresdx57m_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewsa8815_firmwaresm7315_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwareqca8081_firmwarefastconnect_6800_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm7250p_firmwarewcd9375_firmwareqca6436_firmwarear8035_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6421_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2022-1183
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.39% / 60.26%
||
7 Day CHG~0.00%
Published-19 May, 2022 | 09:55
Updated-17 Sep, 2024 | 04:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Destroying a TLS session early causes assertion failure

On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch.

Action-Not Available
Vendor-NetApp, Inc.Internet Systems Consortium, Inc.
Product-h500sh410s_firmwareh700s_firmwareh410c_firmwareh300s_firmwareh500s_firmwareh410sbindh410ch300sh700sBIND9
CWE ID-CWE-617
Reachable Assertion
CVE-2025-40777
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.03% / 8.08%
||
7 Day CHG~0.00%
Published-16 Jul, 2025 | 17:38
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only allowable value other than `disabled`), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or authoritative records, the daemon will abort with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.10, 9.21.0 through 9.21.9, and 9.20.9-S1 through 9.20.10-S1.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-BIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2022-0635
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.78% / 73.80%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 11:55
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check.

Action-Not Available
Vendor-NetApp, Inc.Internet Systems Consortium, Inc.
Product-h300eh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwareh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700ebindh410ch700e_firmwareh700sBIND
CWE ID-CWE-617
Reachable Assertion
CVE-2024-45795
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.68% / 71.59%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 18:34
Updated-02 Apr, 2026 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Suricata detect/datasets: reachable assertion with unimplemented rule option

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service. This issue is addressed in 7.0.7. As a workaround, use only trusted and well tested rulesets.

Action-Not Available
Vendor-oisfOISF
Product-suricatasuricata
CWE ID-CWE-617
Reachable Assertion
CVE-2021-45290
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.32%
||
7 Day CHG~0.00%
Published-21 Dec, 2021 | 17:25
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.

Action-Not Available
Vendor-webassemblyn/aFedora Project
Product-binaryenfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-29339
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.40% / 60.90%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 12:44
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-27448
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.13%
||
7 Day CHG~0.00%
Published-14 Apr, 2022 | 12:56
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc.

Action-Not Available
Vendor-n/aMariaDB FoundationDebian GNU/Linux
Product-debian_linuxmariadbn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-38291
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 56.21%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFFmpeg
Product-ffmpegdebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25673
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.06%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar8035_firmwarewcd9380_firmwarewcn6856_firmwarewsa8830wcn6856sm8475qca8081_firmwarewsa8835_firmwarewsa8835wcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024qcn6024_firmwareqca8337_firmwarewcn6855wcn7851sdx65_firmwarewcd9380wcn7850qcn6024wcn7850_firmwarewsa8830_firmwaresdx65qca8337sd_8_gen1_5g_firmwareqca8081Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-36691
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.57%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 19:53
Updated-04 Aug, 2024 | 01:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicous GIF file using cjxl, an attacker can trigger a denial of service.

Action-Not Available
Vendor-libjxl_projectn/a
Product-libjxln/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-35073
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.82%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:50
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewcn3991wsa8830qca8337_firmwarewcd9380_firmwaresd780gqca8337sd865_5gqca6431_firmwaresdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835wcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresd855wsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwaresd695sd768g_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55mqca6421_firmwarewcn6740_firmwaresd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6421sd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd695_firmwaresd768gqca6431qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarewcn6740qca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250psm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25702
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.06%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcd9340_firmwarewcn3615_firmwaresd429_firmwareapq8037_firmwareapq8009sd855_firmwaresdx50mqcn6024_firmwaresdx55qca6421wcn3610_firmwarewcn7850qca6426_firmwaremsm8937wcn3660bwcn3660b_firmwaresm4375sd205_firmwarewsa8830sd768gwcn6740_firmwarewcn6856wsa8815qca6390sda429w_firmwaresdx50m_firmwarewcn3680bsd480wcn7851_firmwarewcn3620_firmwaresd855wcd9340wcn6850sdx55_firmwaremsm8608sdxr2_5g_firmwareapq8037qcn6024sd765g_firmwarewcn3680b_firmwaremsm8108_firmwaresd865_5g_firmwareqca6421_firmwareapq8017_firmwaresdm429w_firmwarewcn6750msm8917_firmwaresd695_firmwarewcd9380msm8108qca6431_firmwaremsm8208sd695sd480_firmwareqca8081wcd9375_firmwarear8035_firmwaresd888sm7315_firmwarewcn6856_firmwaresd870aqt1000qca6390_firmwarear8035qcn9024_firmwarewcn6855_firmwarewcn6855sd780g_firmwareqcx315_firmwaresdx65_firmwaresd870_firmwaresa515mqca6431sa515m_firmwarewcd9370sd888_firmwarewcn3980sd429sd439_firmwaresd690_5gsm7315qca8081_firmwaresd765_firmwaresd765gwsa8835sdx55mmsm8208_firmwaremsm8917wcn3998wcn6850_firmwarewsa8810_firmwareqca8337_firmwarewsa8815_firmwarewcn3991_firmwarewcn6740msm8608_firmwarewcd9385qca6436wcn7850_firmwaresdx65wcd9385_firmwarewcn6750_firmwarewsa8810sd210aqt1000_firmwarewsa8835_firmwaresm4375_firmwaresm7250p_firmwareapq8009_firmwareqca6391qcn9024wcn3991wcn3998_firmwarewcn6851wcd9370_firmwaresd439sda429wqcx315sd210_firmwarewsa8830_firmwareqca8337sd_8_gen1_5g_firmwarefsm10055_firmwaresdxr2_5gfsm10055wcd9341wcn3980_firmwarewcn6851_firmwaresdm429wwcd9326qca6391_firmwaresd205wcd9326_firmwaresm7250pmsm8937_firmwarewcn3610msm8209apq8017wcd9375sd750g_firmwaresd865_5gsd780gqca6426sdx55m_firmwaresd690_5g_firmwaresm8475wcn3988wcn3615sd750gwcn3620sd765sd768g_firmwarewcn3988_firmwarewcn7851msm8209_firmwareqca6436_firmwarewcd9341_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25692
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.23%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd429wcd9380_firmwareqca6595au_firmwaresd429_firmwaresd690_5gqca8081_firmwaresd765_firmwaresd765gwsa8835sdx55mwcn3998wcn6850_firmwareqcn6024_firmwareqcs6490sdx55wsa8810_firmwareqca8337_firmwarewsa8815_firmwarewcn3991_firmwareqca6696wcn6740wcn3610_firmwarewcn7850wcd9385wcn3660bwcn7850_firmwaresdx65wcd9385_firmwarewcn3660b_firmwaresm4375wcn6750_firmwarewsa8810wcd9360_firmwarewcd9341_firmwarewsa8830sd888_5gsd768gwcn6740_firmwarewcn6856wsa8815qca6390sda429w_firmwarewcn3680bwsa8835_firmwaresd480wcn7851_firmwarewcn3620_firmwaresm4375_firmwaresm7250p_firmwareqcs6490_firmwareqca6391qcn9024wcn3991wcn3998_firmwarewcn6850wcn6851sdx55_firmwaresd778g_firmwarewcd9370_firmwareqca6574a_firmwareqcm6490sda429wqcn6024sdx57mqcx315sd888_5g_firmwarewsa8830_firmwareqca8337sd765g_firmwarewcn3680b_firmwareqca6574asd_8_gen1_5g_firmwaresd865_5g_firmwarewcd9341wcn3980_firmwarewcn6851_firmwaresdm429w_firmwaresdm429wwcn6750sm7325pqca6391_firmwaresm7250psd695_firmwarewcd9380wcn3610sd695sd480_firmwarewcd9375qca8081wcd9375_firmwarear8035_firmwareqca6696_firmwaresd865_5gsm7325p_firmwaresd780gwcn6856_firmwaresd870sdx57m_firmwaresdx55m_firmwaresd690_5g_firmwaresm8475sd778gwcn3988qca6390_firmwarear8035qcn9024_firmwarewcn6855_firmwarewcn3620sd765sd768g_firmwarewcd9360wcn6855sd780g_firmwareqcx315_firmwarewcn3988_firmwarewcn7851sdx65_firmwaresd870_firmwareqcm6490_firmwaresa515msa515m_firmwareqca6595auwcd9370wcn3980Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2021-3430
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-6.5||MEDIUM
EPSS-0.33% / 56.26%
||
7 Day CHG~0.00%
Published-28 Jun, 2022 | 19:45
Updated-16 Sep, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BT: Assertion failure on repeated LL_CONNECTION_PARAM_REQ

Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr

Action-Not Available
Vendor-Zephyr Project
Product-zephyrzephyr
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25671
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.27%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to reachable assertion in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar8035_firmwarewcd9380_firmwarewcn6856_firmwarewsa8830wcn6856sm8475qca8081_firmwarewsa8835_firmwarewsa8835wcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024qcn6024_firmwareqca8337_firmwarewcn6855wcn7851sdx65_firmwarewcd9380wcn7850qcn6024wcn7850_firmwarewsa8830_firmwaresdx65qca8337sd_8_gen1_5g_firmwareqca8081Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-3454
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-4.3||MEDIUM
EPSS-0.33% / 56.26%
||
7 Day CHG~0.00%
Published-19 Oct, 2021 | 22:50
Updated-17 Sep, 2024 | 00:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Truncated L2CAP K-frame causes assertion failure

Truncated L2CAP K-frame causes assertion failure. Zephyr versions >= 2.4.0, >= v.2.50 contain Improper Handling of Length Parameter Inconsistency (CWE-130), Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3

Action-Not Available
Vendor-Zephyr Project
Product-zephyrzephyr
CWE ID-CWE-130
Improper Handling of Length Parameter Inconsistency
CWE ID-CWE-617
Reachable Assertion
CVE-2021-3431
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-4.3||MEDIUM
EPSS-0.39% / 60.01%
||
7 Day CHG~0.00%
Published-28 Jun, 2022 | 19:45
Updated-16 Sep, 2024 | 22:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BT: Assertion failure on repeated LL_FEATURE_REQ

Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions >= v2.5.0 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9

Action-Not Available
Vendor-Zephyr Project
Product-zephyrzephyr
CWE ID-CWE-617
Reachable Assertion
CVE-2021-3326
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.11%
||
7 Day CHG~0.00%
Published-27 Jan, 2021 | 00:00
Updated-09 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

Action-Not Available
Vendor-n/aNetApp, Inc.GNUDebian GNU/LinuxFujitsu LimitedOracle Corporation
Product-m10-4scommunications_cloud_native_core_security_edge_protection_proxym12-2sm12-2_firmwarem12-2s_firmwarem10-4s_firmwarem12-2m10-1_firmwarem10-1m12-1_firmwaredebian_linuxe-series_santricity_os_controllerm12-1m10-4glibcm10-4_firmwareontap_select_deploy_administration_utilityn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-33600
Matching Score-4
Assigner-126858f1-1b65-4b74-81ca-7034f7f7723f
ShareView Details
Matching Score-4
Assigner-126858f1-1b65-4b74-81ca-7034f7f7723f
CVSS Score-5.4||MEDIUM
EPSS-0.37% / 58.95%
||
7 Day CHG~0.00%
Published-28 Sep, 2021 | 09:06
Updated-03 Aug, 2024 | 23:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service Vulnerability in Web Interface of F-Secure Internet Gatekeeper

A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product.

Action-Not Available
Vendor-F-Secure Corporation
Product-internet_gatekeeperF-Secure Internet Gatekeeper
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30273
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.27%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:25
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaresd678mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs610sm6250p_firmwarecsrb31024mdm9628_firmwaremdm9650wcn3950_firmwaremdm9250sa8150p_firmwareqca6595au_firmwaresd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6584au_firmwarewcn3990_firmwareqca9377sa415msdw2500_firmwaresd_8cx_firmwarewcn3950mdm9628sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bqca6584qca6574au_firmwareqca6595auwcd9375_firmwaremsm8909wapq8009w_firmwarewcn3610_firmwaremdm9207qca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwarewcd9306mdm8207sd429qca9367qca4004_firmwaremdm9607_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd205sd429_firmwaresm6250wcd9306_firmwarewcd9340sa8195pwcd9335sa6155pqca6174a_firmwaremdm9250_firmwareqca6696_firmwarewcd9375sd_8cxsa8150psm6250_firmwaremdm9207_firmwareqca4004sda429wsd210wcn3620_firmwaresdx20_firmwarewcn3988wcn3620sa8195p_firmwareqca6564aar6003wcn3610mdm9640wcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675sdm429wmsm8996au_firmwarewcd9330qca6564ausdx24qet4101_firmwaremsm8909w_firmwareqca6574msm8996ausdm429w_firmwaresd665_firmwarewcd9380sm6250pqcs410qca6574amdm9206qca6174asdx24_firmwarewcd9335_firmwarewcn3980mdm9615qsw8573mdm9205qca6574_firmwarewcd9340_firmwaresd665qca6584_firmwaremdm9650_firmwaremdm9215_firmwarewcn3660b_firmwareqca6574a_firmwarewcn3980_firmwaresd730wcd9330_firmwarear6003_firmwaresd678_firmwarecsrb31024_firmwaresdx20mdm9215qca6574ausa8155p_firmwaremdm9607sd205_firmwareqca6564a_firmwareapq8009wsd210_firmwareqcs610_firmwaresa6145papq8096ausa8145pmdm8207_firmwareqca6696mdm9205_firmwarewcd9370_firmwaresa6150psdw2500apq8096au_firmwaresa8155psd675mdm9615_firmwareqet4101sd720g_firmwareqcs410_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30328
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.73%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwareqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwareqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815wcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwarewcd9375_firmwareqca6595auqca8081_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55msdx65_firmwaresa515m_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574auwsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwaresd750gsd870_firmwareqca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375wcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30307
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.27%
||
7 Day CHG~0.00%
Published-13 Jan, 2022 | 11:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610qcs2290_firmwareqca8337sd7c_firmwarecsrb31024wcd9360_firmwaresdx65qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwareqca9377sa415mwcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwarewcn3950sd720gsd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwaresm7250p_firmwarewcd9360qca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwaresm6225sd_8cx_gen2sa515m_firmwareqcs6490sdxr2_5gsd662_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwarewcd9340sa8195psd765gsd765_firmwareqca6436wcn6851sa6155pqca8081qca6174a_firmwareqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwarewcd9375sa8150pwcn3910_firmwaresm6250_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwaresa8195p_firmwareqcx315sm8475wcn6750_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaresd888wsa8835qcx315_firmwaresd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325psdx24_firmwarewcn3980wcn6750sa515mwcd9340_firmwaresm7325p_firmwaresd665sd7cwcn3910wcn6850sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresm7315sd460qca6391sd730sdx55msdx65_firmwaresd678_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqcm4290_firmwaresd480sd870wcn6855qcs610_firmwarewcn6856sa6145psd768gsa8145pqca6696qca6391_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55sa8155psd675sm7250psd720g_firmwareqcs410_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30353
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.06%
||
7 Day CHG~0.00%
Published-13 Jan, 2022 | 11:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610wsa8830qcs2290_firmwarefsm10056qca8337wcd9360_firmwaresdx65csra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qca6426qca6584au_firmwareqrb5165n_firmwareqca9377sa415mwcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gsd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresa8155sm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresa6155_firmwaresdx12_firmwaresm7250p_firmwarewcd9375_firmwarewcn3610_firmwarewcd9360qca6436_firmwarewcn3999_firmwareqrb5165nqca6564au_firmwareqca6584ausa6155p_firmwaresd778gsm6225wcn3999sa515m_firmwareqcs6490qrb5165_firmwaresdxr2_5gsa8155_firmwaresd662_firmwaresa415m_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresd205sm6250sd778g_firmwaresa8195psd765gsd765_firmwarefsm10056_firmwareqca6436wcn6851wcd9335sa6155pqca8081qcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwarewcd9375sa8150pwcn3910_firmwaresm6250_firmwarewsa8830_firmwaresda429wsd210sd865_5g_firmwarewcn3620_firmwareqcm6490sd888_5g_firmwarewcn3988wcn3620wcn6850_firmwarewsa8835_firmwaresa8195p_firmwareqcx315sm8475qca6564awcn6750_firmwarewcn3610qcm2290_firmwaresm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresd_675sdm429wmsm8996au_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574msm8996auqcx315_firmwaresdm429w_firmwaresd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325pwcd9335_firmwarewcn6750sa515mqca6574_firmwareqcs605sm7325p_firmwaresd665wcn3910wcn6850sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwarear8031_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwareqcs603wcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwaresd205_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwaremdm9150wcn6856qsm8250sa6145pqca6564_firmwaresdxr1sd768gar8031qcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55sa8155pcsra6640sd675sm7250psd720g_firmwaresdx12qcs410_firmwarear8035_firmwareqcm2290qsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30326
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.27%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwareqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwarewcd9375_firmwareqca6595auqca8081_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55msd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375wcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30293
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.27%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:26
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwarewcn3991_firmwarewsa8830sd678mdm9640_firmwareqcs610qca8337csrb31024mdm9628_firmwaremdm9650sdx65fsm10055_firmwarewcn3950_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6426qca6584au_firmwareqrb5165n_firmwaresm8450qca9377sa415mwcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950mdm9628sm6375_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584auqrb5165_firmwaresdxr2_5gmdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd205wcd9340wsa8810_firmwaresd765gsm8450_firmwaresd765_firmwareqca6436wcn6851qca8081qcs603_firmwareqca6174a_firmwarewcd9385qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwarewcd9375wsa8830_firmwaresd210sd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315qca6564aar6003wcn3610mdm9640sm6375wcn3991qca8337_firmwarewcd9380_firmwaresd_675msm8996au_firmwaresd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresm8450p_firmwarewsa8835qcx315_firmwaremsm8996auwcd9380qcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174amdm9615qcs605wcd9340_firmwarewsa8815wcn6850mdm9650_firmwaresd765mdm9215_firmwareqca6426_firmwareqca6574a_firmwaresd768g_firmwaresd730qca6391sdx55msdxr1_firmwarear6003_firmwaresdx65_firmwaresd678_firmwarecsrb31024_firmwareqrb5165sd480_firmwareqcs603wcn6851_firmwaremdm9215qca6574aumdm9607sd205_firmwareqca6564a_firmwaresd480sd870sm8450pwcn6855wsa8810sd210_firmwareqcs610_firmwarewcn6856qsm8250sdxr1sd768gqca6696qca6391_firmwarewcd9370_firmwaresdx55sd675mdm9615_firmwaresm7250pqcs410_firmwarear8035_firmwareqsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30287
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.27%
||
7 Day CHG~0.00%
Published-13 Jan, 2022 | 11:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830sd678qca8337_firmwaresm6250p_firmwarewcd9380_firmwarewcn3990sd_675qca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835qcx315_firmwarewcn3950_firmwarewcd9380sd765g_firmwareqca6595au_firmwaresm6250pqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6574asd690_5g_firmwarewcn6855_firmwareqca6426wcn3990_firmwarewcn3980wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gsa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815wcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcn3980_firmwaresm7315wcd9360qca6436_firmwaresd730qca6391sdx55msdx65_firmwaresd678_firmwaresa515m_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausm6250wsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwaresd750gsd870_firmwareqca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375wcd9370_firmwaresm6250_firmwaresdx55sd888_firmwaresd675wsa8830_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250psd720g_firmwareqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30329
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.73%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwareqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwarewcd9375_firmwareqca6595auqca8081_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55msd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375wcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30332
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.27%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwaresd780gqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55mwcn6740_firmwaresd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarewcn6740qca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-30340
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.34%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:10
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830qca8337_firmwarewcd9380_firmwaresd780gqca8337sd865_5gsdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresdx65wsa8835qcx315_firmwarewcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresm6375_firmwarewsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwaresd768g_firmwarewcd9375_firmwareqca6595auqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqca6391sdx55mwcd9360qca6436_firmwarewcn6740_firmwaresd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd768gqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarewcn6740qca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresdx55wsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcx315sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2021-29258
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 29.80%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 16:40
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion.

Action-Not Available
Vendor-envoyproxyn/a
Product-envoyn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-28905
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.40% / 61.07%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 18:36
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL. But in some cases, node->module can be null, which triggers a reachable assertion (CWE-617).

Action-Not Available
Vendor-cesnetn/a
Product-libyangn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-27498
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-0.14% / 32.99%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 19:18
Updated-16 Apr, 2025 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EIPStackGroup OpENer Ethernet/IP Reachable Assertion

A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.

Action-Not Available
Vendor-opener_projectEIPStackGroup
Product-openerOpENer EtherNet/IP
CWE ID-CWE-617
Reachable Assertion
CVE-2021-25218
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.58% / 69.14%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 18:20
Updated-17 Sep, 2024 | 03:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use

In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition.

Action-Not Available
Vendor-Fedora ProjectInternet Systems Consortium, Inc.
Product-bindfedoraBIND9
CWE ID-CWE-617
Reachable Assertion
CVE-2021-25215
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-1.49% / 81.18%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 00:55
Updated-16 Sep, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.Debian GNU/LinuxNetApp, Inc.Oracle CorporationSiemens AGFedora Project
Product-h300e500f_firmwarea250_firmwareh500scloud_backuptekelec_platform_distributionh300s_firmwareactive_iq_unified_managerh410sh300sh300e_firmwaresinec_infrastructure_network_services500fdebian_linuxh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwarea250h700ebindh700e_firmwareh700sBIND9
CWE ID-CWE-617
Reachable Assertion
CVE-2023-49286
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-1.73% / 82.55%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 22:53
Updated-13 Feb, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service in Helper Process management

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-Squid Cache
Product-squidsquid
CWE ID-CWE-253
Incorrect Check of Function Return Value
CWE ID-CWE-617
Reachable Assertion
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2021-21778
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.78% / 73.76%
||
7 Day CHG~0.00%
Published-25 Aug, 2021 | 18:27
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability.

Action-Not Available
Vendor-mz-automationn/a
Product-lib60870MZ Automation"
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6467
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-17.22% / 95.06%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 14:17
Updated-17 Sep, 2024 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6476
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-1.27% / 79.60%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 19:17
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
An error in QNAME minimization code can cause BIND to exit with an assertion failure

A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9
CWE ID-CWE-617
Reachable Assertion
CVE-2019-6469
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-1.06% / 77.73%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 14:17
Updated-17 Sep, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIND Supported Preview Edition can exit with an assertion failure if ECS is in use

An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9 Supported Preview Edition
CWE ID-CWE-617
Reachable Assertion
CVE-2023-43529
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.57%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Data Modem

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareqcs410_firmwaresw5100psd865_5gqcs610_firmwarewcd9335wcd9370qca8081_firmwaresnapdragon_7c_gen_2_compute_firmwareqca6696snapdragon_x70_modem-rf_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilesnapdragon_685_4g_mobilesnapdragon_x50_5g_modem-rf_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_auto_4g_modemsnapdragon_665_mobile_firmwaresc8180xp-aaabqca6574au_firmwaresnapdragon_690_5g_mobile_firmwaresnapdragon_x72_5g_modem-rfwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwarewsa8810_firmwaresd730_firmwarewsa8845h_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresc8180xp-acafsd730snapdragon_690_5g_mobilefastconnect_6800_firmwareqcs5430qcn6024_firmwareqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwareqcm6125_firmwaresnapdragon_678_mobile_firmwareqcc710snapdragon_xr2_5g_firmware315_5g_iot_modem_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformqep8111qfw7114snapdragon_730_mobile_firmwarewcd9385_firmwareqca6421315_5g_iot_modemwcd9360snapdragon_x65_5g_modem-rfqcs4490snapdragon_730_mobilesnapdragon_680_4g_mobilewsa8845qca6421_firmwareqcm6125sc8180x-adqca6564au_firmwarewsa8810snapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwaresnapdragon_662_mobile_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwarewcd9371_firmwaresnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3910_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileqca6420wcn3910wcd9370_firmwarecsrb31024qca6574asnapdragon_x72_5g_modem-rf_firmwaresnapdragon_8\+_gen_2_mobileqca6174awcd9340qcm2290snapdragon_auto_5g_modem-rf_gen_2qcm6490sm8550p_firmwareqcm8550wcn3988snapdragon_765_5g_mobile_firmwaresnapdragon_662_mobileqcn9024sd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaresdx57msmart_audio_400qcn9024_firmwarewsa8845hqcs410qcm2290_firmwaresnapdragon_765g_5g_mobile_firmwarewsa8830sm8550psnapdragon_768g_5g_mobile_firmwaresnapdragon_7c_gen_2_computesc8180x\+sdx55_firmwarear8035snapdragon_7c_compute_firmwareqcm4325qcn6224snapdragon_865\+_5g_mobile_firmwaresc8180x\+sdx55qca6698aqwcn3950_firmwaresm6250snapdragon_480\+_5g_mobilefastconnect_6200sm7325p_firmwarewcd9360_firmwaresc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490snapdragon_695_5g_mobilesc8180xp-acaf_firmwaresnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqcn6224_firmwareqca6431wsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresdx57m_firmwaresxr2130_firmwaresnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwaresnapdragon_778g\+_5g_mobilesd888_firmwareqca6564auqcs6125_firmwaresc8180xp-adsm6250p_firmwarewsa8815_firmwareqca8337_firmwareqcm4290sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresnapdragon_665_mobilesm7250p_firmwareqcm4490_firmwarewcn3950qcs6125snapdragon_870_5g_mobile_firmwaresnapdragon_730g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobilesnapdragon_778g\+_5g_mobile_firmwaresmart_audio_400_firmwaresnapdragon_870_5g_mobilesd_675_firmwaresnapdragon_678_mobilesnapdragon_720g_mobilesm7250pcsrb31024_firmwaresc8180x-acafsm6250_firmwaresc8180x-ad_firmwaresnapdragon_7c_computeqca6584ausd888qcn6274_firmwaresnapdragon_675_mobile_firmwaresw5100_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarewcd9371fastconnect_6900_firmwarewcd9380snapdragon_xr2_5gsnapdragon_x24_lte_modemsnapdragon_auto_5g_modem-rf_firmwaresc8180x-aaabsc8180x-aaab_firmwaresw5100video_collaboration_vc3_platformaqt1000snapdragon_4_gen_1_mobile_firmwaresd855qca6431_firmwarewcn3990_firmwaresm7315qca6698aq_firmwareqcs2290wcd9385snapdragon_888\+_5g_mobileqcs2290_firmwaresnapdragon_8_gen_1_mobilesnapdragon_680_4g_mobile_firmwareqcs4290wcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqca6430snapdragon_855\+_mobilesg8275psm6250psnapdragon_765_5g_mobilesnapdragon_860_mobilesdx55_firmwaresc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsxr2130qcm4490snapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwaresnapdragon_480\+_5g_mobile_firmwareqca6174a_firmwaresm7325psnapdragon_732g_mobile_firmwaresnapdragon_x50_5g_modem-rfqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwarewcn3980_firmwareqca6436snapdragon_x70_modem-rfqca6584au_firmwaresnapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqcn6274qfw7124qca6595au_firmwareqcs610sw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwarecsra6620qca8081wsa8815sg4150pqca9377snapdragon_x75_5g_modem-rfqcm4325_firmwareqca6574a_firmwaresdx55snapdragon_4_gen_1_mobileqcm4290_firmwaresnapdragon_720g_mobile_firmwaresnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675wcd9375_firmwareqca6391qcs5430_firmwaresg4150p_firmwarecsra6620_firmwareqcs8550fastconnect_7800sd865_5g_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_765g_5g_mobilewcn3988_firmwaresd_675snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwarewcn3980snapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqcm2290_firmwareaqt1000_firmwareqca6564au_firmwareqca9377_firmwareqca8337_firmwareqcm4490_firmwareqcm8550_firmwareqcn6274_firmwareqcs4490_firmware315_5g_iot_modem_firmwareqcs2290_firmwarecsrb31024_firmwareqcm6490_firmwareqca6431_firmwarefastconnect_6900_firmwareqcs8550_firmwareqcn6224_firmwarefastconnect_6700_firmwareqcn9024_firmwarefastconnect_7800_firmwareqca6420_firmwareqca6595au_firmwareqcm4290_firmwareqcs610_firmwarecsra6620_firmwareqca6698aq_firmwarecsra6640_firmwareqcm5430_firmwareqca6174a_firmwareqcs6125_firmwareqcs4290_firmwareqca6584au_firmwareqep8111_firmwareqca6696_firmwareqca6430_firmwareqcs6490_firmwareqfw7114_firmwareqcs5430_firmwareqca6391_firmwareqcn6024_firmwareqcm4325_firmwareqcc710_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwareqca8081_firmwarefastconnect_6800_firmwareqcs410_firmwareqfw7124_firmwareqca6436_firmwarear8035_firmwareqcm6125_firmwareqca6421_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2019-25041
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.03% / 77.39%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 05:16
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

Action-Not Available
Vendor-nlnetlabsn/aDebian GNU/Linux
Product-unbounddebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2023-43523
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.24%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in WLAN Firmware

Transient DOS while processing 11AZ RTT management action frame received through OTA.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformqca8337qfw7124sg8275p_firmwareipq8173_firmwareqam8775pqcf8001snapdragon_870_5g_mobile_platform_firmwareqcn5124qca4024_firmwarewsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareqca6554a_firmwareipq8076aqca8386_firmwareqcn6024_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqcn6412qca6574au_firmwareqcn5164_firmwareqcn6422_firmwareqca8081_firmwaresnapdragon_xr2\+_gen_1_platformqcn9002ipq8078a_firmwareipq5028wsa8840_firmwareqca6698aqqca0000qcf8001_firmwareipq6010sc8380xp_firmwaresdx65mwcd9340qcn6132qcn9013qca6436qcf8000qca6698aq_firmwareipq5312qca9888_firmwareqam8775p_firmwareqcn6122qca6696_firmwareipq9008_firmwareqcn5154_firmwareqca6797aqqcc710_firmwarewsa8830_firmwaresd865_5g_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwareqca8337_firmwarewcd9380_firmwaressg2125pipq8072aipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcm8550qcn9001_firmwareipq9008qcn5164qca6574qcn6402_firmwarecsr8811_firmwarewcd9380ipq9554_firmwareqcn5054_firmwareqcn5024sxr1230psg8275pqca8072_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwarewcd9340_firmwarewsa8815snapdragon_865\+_5g_mobile_platformqca6426_firmwaresc8380xpipq6028qcn9024ipq9574_firmwaresnapdragon_xr2\+_gen_1_platform_firmwareimmersive_home_3210_platform_firmwareipq5302wcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemipq8078_firmwarefastconnect_6900qcn5054snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832qcn6412_firmwareipq5332ipq5302_firmwareimmersive_home_326_platformipq6018qcc710immersive_home_214_platformqca6595_firmwarewcd9395qca6391_firmwareimmersive_home_214_platform_firmwareqca4024sm8550p_firmwareqcn6402ssg2115p_firmwareqfw7124_firmwareqam8255par8035_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqam8650psnapdragon_865_5g_mobile_platformqcn6224_firmwareqca8082qcn9072qca8386ipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554wcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwaresnapdragon_x55_5g_modem-rf_systemqcn5122_firmwareqca6595auqcn6023_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114wsa8845h_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274snapdragon_870_5g_mobile_platformipq8174qcn9001qcn5052qcs8550_firmwareqcn9074qca8085wsa8810_firmwareqcn6224wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwaresxr2130_firmwarewcd9385ipq9570ar8035csr8811wcd9390qcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca8072qcn9000qcf8000_firmwareqca6554asd865_5gfastconnect_6800qca6595qcn9012immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresd_8_gen1_5gqcn6274qcn6422qcn5154qca8075_firmwaressg2125p_firmwareqca6574asxr2130qca9889qcn6132_firmwareqcn9003_firmwareqca9888qcc2076_firmwareipq8070a_firmwareqcn9003ipq8076_firmwareqca6574_firmwaresxr2230pipq8076wsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqcn5152snapdragon_x55_5g_modem-rf_system_firmwareqca6391fastconnect_7800qcn9100snapdragon_865\+_5g_mobile_platform_firmwareqcn6274_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn6432_firmwareipq5312_firmwareqca6574auqca9889_firmwareipq9574qcn5122fastconnect_7800_firmwarewsa8810ipq5332_firmwaresm8550psnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_ar2_gen_1_platformqcn5022qcn9013_firmwareqam8650p_firmwareipq6010_firmwarewcn6740qca6696qcs8550qca8075qcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqcn6024qcn9022qcc2076wcd9390_firmwareipq8070aqcn9002_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcc2073qcn6432Snapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2024-23385
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.68%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-07 Nov, 2024 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055snapdragon_8_gen_1_mobile_platformwsa8830qca8337fsm10056qfw7124sg8275p_firmwarewcd9360_firmwareqcn6224_firmwarefsm10055_firmwarewsa8840snapdragon_212_mobile_platformwcn3950_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_x70_modem-rf_systemsnapdragon_480_5g_mobile_platformwcd9370snapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqca6584au_firmwaresnapdragon_8_gen_2_mobile_platformmsm8108wcd9385_firmwaremsm8108_firmwarewcn3950wcd9326_firmwareqcn6024_firmwarewcn3615_firmwarefastconnect_6200wcn3660bapq8037snapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcn3680b_firmwaresnapdragon_208_processor_firmwaresdx71m_firmwaresnapdragon_212_mobile_platform_firmwarewsa8845h_firmwarewcn3615wcd9375_firmwaresnapdragon_8_gen_3_mobile_platformsdx55_firmwaresnapdragon_425_mobile_platformwcn3610_firmwarewcd9360snapdragon_429_mobile_platformqfw7114qca8081_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsnapdragon_208_processorsnapdragon_x70_modem-rf_system_firmwarewsa8840_firmwaresnapdragon_439_mobile_platformqca6698aqqcs8550_firmwaresm8635wcn3988_firmwaresnapdragon_8\+_gen_1_mobile_platformwcd9340fastconnect_6700_firmwareapq8017_firmwarewsa8810_firmwareqcn6224wsa8845hwcn6755wcd9395_firmwarewcd9326snapdragon_x75_5g_modem-rf_systemsnapdragon_x62_5g_modem-rf_systemfsm10056_firmwareqca8081sdx71msnapdragon_x35_5g_modem-rf_systemsnapdragon_auto_5g_modem-rf_gen_2qcm4490qca6698aq_firmwaremsm8209_firmwareqca6174a_firmwarewcd9385snapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwarear8035wcd9375snapdragon_210_processor_firmwaresnapdragon_430_mobile_platformwcd9390qcc710_firmwarewsa8830_firmwarewcn3620_firmwarewsa8815_firmwarewcn3988wsa8835_firmwarewcn3620apq8017snapdragon_8_gen_2_mobile_platform_firmwarewcn3610msm8608wcd9380_firmwareqca8337_firmwaresdm429wqcm8550ar8035_firmwarewsa8835sdm429w_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewcd9380qcn6274snapdragon_wear_4100\+_platform_firmwaresnapdragon_x72_5g_modem-rf_system_firmwarefastconnect_6700snapdragon_210_processorsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresnapdragon_wear_4100\+_platformsm8635_firmwareqca6574asnapdragon_430_mobile_platform_firmwareqca6174asg8275pwcn3980sm6370_firmwareqfw7114_firmwarewsa8845wcd9340_firmwarewsa8815sdx57m_firmwarewsa8845_firmware205_mobile_platform_firmwaresnapdragon_4_gen_1_mobile_platformsnapdragon_439_mobile_platform_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareqcn9024msm8209wcn3980_firmwarefastconnect_7800snapdragon_x35_5g_modem-rf_system_firmwaresmart_audio_200_platformqcm4490_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_x65_5g_modem-rf_systemqca6574au_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900fastconnect_6900_firmwareqca6574ausmart_audio_200_platform_firmwareqcn9024_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformwsa8810fastconnect_7800_firmwarewsa8832snapdragon_8_gen_1_mobile_platform_firmwaresm8550psm6370wcn3680bsdx61qcc710qcs4490wcd9395205_mobile_platformqca6696qcs8550wcd9370_firmwaresm8550p_firmwaremsm8608_firmwaresdx55wcd9390_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqcn6024apq8037_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_8\+_gen_1_mobile_platform_firmwareqca6595auqfw7124_firmwareqep8111sdx61_firmwaresnapdragon_480\+_5g_mobile_platformSnapdragonqca8337_firmwarewcd9380_firmwaresg8275p_firmwarewcd9360_firmwarear8035_firmwarefsm10055_firmwareqcn6224_firmwarefastconnect_6200_firmwaresdm429w_firmwarewcn3950_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresm8635_firmwaresnapdragon_430_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwaresm6370_firmwareqfw7114_firmwaremsm8108_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwarewcn3615_firmwarewcd9340_firmwaresdx57m_firmwarewsa8845_firmwaresnapdragon_439_mobile_platform_firmwarewcn3660b_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresdx71m_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwareqca8081_firmwarewcd9375_firmwarewcn3680b_firmwarewsa8845h_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3610_firmwarewcn3980_firmwareqca6574a_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcm4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_x70_modem-rf_system_firmwarewsa8840_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqcs8550_firmwarewcn3988_firmwaresmart_audio_200_platform_firmwarefastconnect_6700_firmwareqcn9024_firmwareapq8017_firmwarewsa8810_firmwarefastconnect_7800_firmwarefsm10056_firmwarewcd9395_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwaremsm8209_firmwareqca6174a_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwaremsm8608_firmwaresm8550p_firmwaresnapdragon_210_processor_firmwarewcd9370_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwarewcn3620_firmwareapq8037_firmwarewsa8815_firmwarewsa8835_firmwaresdx61_firmwareqfw7124_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-617
Reachable Assertion
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found