Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-50721

Summary
Assigner-libreswan
Assigner Org ID-d42dc95b-23f1-4e06-9076-20753a0fb0df
Published At-02 Jul, 2026 | 21:44
Updated At-02 Jul, 2026 | 21:44
Rejected At-
Credits

IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to forge the SIG payload when small public exponents are being used (e.g., e=3), which could lead to impersonation. Additionally, a remote attacker, by encoding a shorter than expected hash in the SIG payload, could trigger an assertion leading to denial-of-service. The daemon aborts and restarts; continued exploitation causes sustained denial of service. Remote code execution is not possible. X.509 certificate verifications of remote IKE peers are not affected.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:libreswan
Assigner Org ID:d42dc95b-23f1-4e06-9076-20753a0fb0df
Published At:02 Jul, 2026 | 21:44
Updated At:02 Jul, 2026 | 21:44
Rejected At:
â–¼CVE Numbering Authority (CNA)
IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to forge the SIG payload when small public exponents are being used (e.g., e=3), which could lead to impersonation. Additionally, a remote attacker, by encoding a shorter than expected hash in the SIG payload, could trigger an assertion leading to denial-of-service. The daemon aborts and restarts; continued exploitation causes sustained denial of service. Remote code execution is not possible. X.509 certificate verifications of remote IKE peers are not affected.

Affected Products
Vendor
The Libreswan Project
Product
libreswan
Collection URL
https://github.com/libreswan/libreswan
Package Name
libreswan
Repo
https://github.com/libreswan/libreswan
Program Routines
  • RSA_authenticate_hash_signature_raw_rsa
Default Status
unaffected
Versions
Affected
  • From 0 through 5.3 (semver)
Unaffected
  • 5.3.1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-347CWE-347: Improper Verification of Cryptographic Signature
CWECWE-617CWE-617: Reachable Assertion
Type: CWE
CWE ID: CWE-347
Description: CWE-347: Improper Verification of Cryptographic Signature
Type: CWE
CWE ID: CWE-617
Description: CWE-617: Reachable Assertion
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.18.1HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 8.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
vendorSeverity
value:
MEDIUM
description:
Vendor-assessed severity: Medium. Authentication bypass requires weak RSA exponents (e=3) which have been disallowed by most cryptographic libraries for over a decade. DoS is mitigated by automatic daemon restart.
Impacts
CAPEC IDDescription
CAPEC-463Denial of Service via assertion failure in pluto daemon when processing malformed RSA PKCS#1 v1.5 SIG payloads in IKEv1
CAPEC-473Authentication bypass via Bleichenbacher-style signature forgery when weak RSA exponents (e.g., e=3) are in use
CAPEC ID: CAPEC-463
Description: Denial of Service via assertion failure in pluto daemon when processing malformed RSA PKCS#1 v1.5 SIG payloads in IKEv1
CAPEC ID: CAPEC-473
Description: Authentication bypass via Bleichenbacher-style signature forgery when weak RSA exponents (e.g., e=3) are in use
Solutions

Upgrade to libreswan 5.3.1 or later. Patches for libreswan 4.15 and 5.3 are available at https://libreswan.org/security/CVE-2026-50721/

Configurations

Any server or client that accepts RSA-based IKEv1 connections via the default authby=rsasig option is vulnerable to denial of service. Authentication bypass additionally requires the use of RSA keys with weak exponents (e=3). IKEv1 only supports RSA-SHA1 (PKCS#1 Version 1.5) for public key authentication, so the vulnerable code path cannot be disabled without migrating to IKEv2 or switching to PSK.

Workarounds

IKEv1 only supports RSA-SHA1 (PKCS#1 Version 1.5) with public key authentication, so there is no way to disable the vulnerable code path within IKEv1. Migrate IKEv1 connections to IKEv2 where authby=ecdsa or authby=rsa-sha2 can be configured. For static tunnel configurations (not Remote Access VPN Client groups), authentication can be changed to use PSK via authby=secret after coordination with the remote peer.

Exploits

No known exploitation in the wild. The authentication bypass requires the target to use RSA keys with weak exponents (e=3), which have been disallowed by most cryptographic libraries for at least a decade. The denial-of-service attack is exploitable against any IKEv1 configuration using the default authby=rsasig option.

Credits

finder
Yeonghyeon Choi
finder
Duyeong Kim
analyst
Andrew Cagney (The Libreswan Team)
Timeline
EventDate
Libreswan notified of the issue via security@libreswan.org2026-03-24 00:00:00
Advanced notice given to supported customers and distributions2026-06-16 00:00:00
Public announcement and release of libreswan 5.3.12026-06-24 00:00:00
Event: Libreswan notified of the issue via security@libreswan.org
Date: 2026-03-24 00:00:00
Event: Advanced notice given to supported customers and distributions
Date: 2026-06-16 00:00:00
Event: Public announcement and release of libreswan 5.3.1
Date: 2026-06-24 00:00:00
Replaced By

Rejected Reason

References
HyperlinkResource
https://libreswan.org/security/CVE-2026-50721/CVE-2026-50721.txt
vendor-advisory
https://libreswan.org/security/CVE-2026-50721/
patch
https://libreswan.org/security/CVE-2026-50722/CVE-2026-50722.txt
related
https://www.rfc-editor.org/rfc/rfc2313
technical-description
Hyperlink: https://libreswan.org/security/CVE-2026-50721/CVE-2026-50721.txt
Resource:
vendor-advisory
Hyperlink: https://libreswan.org/security/CVE-2026-50721/
Resource:
patch
Hyperlink: https://libreswan.org/security/CVE-2026-50722/CVE-2026-50722.txt
Resource:
related
Hyperlink: https://www.rfc-editor.org/rfc/rfc2313
Resource:
technical-description
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:d42dc95b-23f1-4e06-9076-20753a0fb0df
Published At:02 Jul, 2026 | 22:16
Updated At:02 Jul, 2026 | 22:16

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to forge the SIG payload when small public exponents are being used (e.g., e=3), which could lead to impersonation. Additionally, a remote attacker, by encoding a shorter than expected hash in the SIG payload, could trigger an assertion leading to denial-of-service. The daemon aborts and restarts; continued exploitation causes sustained denial of service. Remote code execution is not possible. X.509 certificate verifications of remote IKE peers are not affected.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.1HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-347Secondaryd42dc95b-23f1-4e06-9076-20753a0fb0df
CWE-617Secondaryd42dc95b-23f1-4e06-9076-20753a0fb0df
CWE ID: CWE-347
Type: Secondary
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
CWE ID: CWE-617
Type: Secondary
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://libreswan.org/security/CVE-2026-50721/d42dc95b-23f1-4e06-9076-20753a0fb0df
N/A
https://libreswan.org/security/CVE-2026-50721/CVE-2026-50721.txtd42dc95b-23f1-4e06-9076-20753a0fb0df
N/A
https://libreswan.org/security/CVE-2026-50722/CVE-2026-50722.txtd42dc95b-23f1-4e06-9076-20753a0fb0df
N/A
https://www.rfc-editor.org/rfc/rfc2313d42dc95b-23f1-4e06-9076-20753a0fb0df
N/A
Hyperlink: https://libreswan.org/security/CVE-2026-50721/
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
Resource: N/A
Hyperlink: https://libreswan.org/security/CVE-2026-50721/CVE-2026-50721.txt
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
Resource: N/A
Hyperlink: https://libreswan.org/security/CVE-2026-50722/CVE-2026-50722.txt
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
Resource: N/A
Hyperlink: https://www.rfc-editor.org/rfc/rfc2313
Source: d42dc95b-23f1-4e06-9076-20753a0fb0df
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

310Records found

CVE-2022-35934
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.40% / 31.63%
||
7 Day CHG+0.02%
Published-16 Sep, 2022 | 19:30
Updated-23 Apr, 2025 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` failure in tf.reshape in Tensorflow

TensorFlow is an open source platform for machine learning. The implementation of tf.reshape op in TensorFlow is vulnerable to a denial of service via CHECK-failure (assertion failure) caused by overflowing the number of elements in a tensor. This issue has been patched in GitHub commit 61f0f9b94df8c0411f0ad0ecc2fec2d3f3c33555. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-33251
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.38% / 30.25%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in Modem

Transient DOS due to reachable assertion in Modem because of invalid network configuration.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sm7325-ae_firmware315_5g_iot_modem_firmwareqca8337wcn785x-5qca6431_firmwarewcd9360_firmwaresm7250-ac_firmwareqca6595au_firmwareqca6390_firmwaresnapdragon_x70_modem-rf_systemsm8350wcd9370qca6426wcn685x-1sm7350-ab_firmwaresm8450sm4375wcn3998sm8250-abwcd9385_firmwareqcn6024_firmwaresm6375_firmwaresm7325-afsm7325-aesnapdragon_x55_5g_modem-rf_systemqca6574au_firmwaresdx55_firmwareqca6595auwcn3998_firmwareqca8081_firmwaresm7325-af_firmwaresm7250p_firmwarewcd9375_firmwarewcd9360qca6436_firmwaresm4350-acsnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_x70_modem-rf_system_firmwareqcs6490qca6698aqqcs8550_firmwaresm8250_firmwaresm7250-ab_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemqca6421sm7250-aawsa8810_firmwaresm4375_firmwaresm8450_firmwareqca6436qca8081qca6698aq_firmwarewcn685x-1_firmwarewcd9385sm8150_firmwaresxr2130_firmwarewcd9341qca6431qca6696_firmwareqcs6490_firmwareqca6390ar8035sm4350_firmwarewcd9375sm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresm7225_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqcm6490sm8150wcn3988wsa8815_firmwarewsa8835_firmwaresm7350-absm8475wcn6750_firmwarewcn785x-1sm6375wcn3991qca8337_firmwarewcd9380_firmwaresd865_5gsm8350-ac_firmwaresm8150-acwsa8835snapdragon_7c\+_gen_3_computesnapdragon_auto_5g_modem-rfwcd9380sxr2130qca6574awcn685x-5_firmwaresm7325psm7325wcn6750sm7225sm7250-absd855wsa8815sm7325p_firmwaresdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca6574a_firmwareqcn9024wcn785x-5_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391qca6421_firmwaresm6350sm8475_firmwarewcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemqcm6490_firmwaresm8350_firmwarewcn685x-5sm6350_firmwarewcn785x-1_firmwareqca6574auqcn9024_firmwaresdx57mwcd9341_firmwarewsa8810sm7250-aa_firmwaresm7250-acsm8150-ac_firmwaresm8350-acwcn6740qca6696qca6391_firmwareqcs8550sm4350wcd9370_firmwaresm4350-ac_firmwaresdx55sm8250qcn6024sm7250par8035_firmwaresm7325_firmwareSnapdragon
CWE ID-CWE-617
Reachable Assertion
CVE-2022-33244
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.57%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in Modem

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewcn3991wsa8830qca8337_firmwarewcd9380_firmwaresd780gqca8337wcn6856_firmwaresnapdragon_4_gen_1_firmwaresdx65wsa8835wcd9380sd888_5gwcd9370wcn6855_firmwaresm7325pwcn6750wcn3998wcd9385_firmwareqcn6024_firmwaresa515msd_8_gen1_5g_firmwarewsa8815sm7325p_firmwarewcn6850sdx57m_firmwarewcn7850sd695qcn9024wcd9375_firmwareqca8081_firmwarewcn3998_firmwareqca6391wcn6740_firmwaresd778gsdx65_firmwaresa515m_firmwareqcs6490wcn7851qcm6490_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwaresd778g_firmwareqcn9024_firmwarewsa8810_firmwaresdx57msd480wsa8810wcn6855wcn6851qca8081wcn7851_firmwarewcn6856wcd9385sd695_firmwareqcs6490_firmwarewcn6740sdx70m_firmwareqca6391_firmwarear8035wcd9375sd780g_firmwarewcd9370_firmwarewsa8830_firmwareqcn6024sdx70msnapdragon_4_gen_1qcm6490sd888_5g_firmwarewsa8835_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwaresm8475wcn6750_firmwarear8035_firmwareSnapdragonwcn6740_firmwarewcn3991_firmwareqca8337_firmwarewcd9380_firmwaresdx65_firmwaresa515m_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwarewcn6856_firmwaresnapdragon_4_gen_1_firmwarewcn3988_firmwaresd778g_firmwareqcn9024_firmwarewsa8810_firmwarewcn7851_firmwarewcn6855_firmwaresd695_firmwareqcs6490_firmwaresdx70m_firmwareqca6391_firmwarewcd9385_firmwareqcn6024_firmwaresd780g_firmwarewcd9370_firmwaresd_8_gen1_5g_firmwaresm7325p_firmwarewsa8830_firmwaresdx57m_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8835_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwarewcn6750_firmwarear8035_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2022-33254
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.57%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in Modem

Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830qca8337qca6431_firmwaresnapdragon_4_gen_1_firmwaresdx65sd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6426wcn3998wcd9385_firmwaresdxr2_5g_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwarewcn7850qca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareqca6436_firmwaresd778gsa515m_firmwareqcs6490wcn7851sdxr2_5gwcn3988_firmwareqca6421sd778g_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851qca8081wcn7851_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwaresdx70m_firmwareqca6390ar8035sd750g_firmwareaqt1000wcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_4_gen_1qcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315sm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835qcx315_firmwarewcd9380sd888_5gqca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pwcn6750sa515msd855wsa8815sm7325p_firmwarewcn6850sdx57m_firmwaresd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwareqcn9024qca6391sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwareqcm6490_firmwaresdx50msd480_firmwarewcn6851_firmwareqca6574auqcn9024_firmwaresdx57mwcd9341_firmwaresd480sd870wsa8810wcn6855wcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55qcn6024sdx70msm7250par8035_firmwareSnapdragonwcn3991_firmwareqca8337_firmwarewcd9380_firmwareqca6431_firmwaresdx55m_firmwarewcn6856_firmwaresnapdragon_4_gen_1_firmwareqcx315_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5g_firmwaresdx50m_firmwarewcn6855_firmwarewcd9385_firmwaresdxr2_5g_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwaresm7325p_firmwaresdx57m_firmwareqca6426_firmwareqca6574a_firmwareqca6574au_firmwaresd768g_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqca6436_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresa515m_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwaresd778g_firmwareqcn9024_firmwarewsa8810_firmwarewcd9341_firmwaresd765_firmwarewcn7851_firmwaresd695_firmwareqca6696_firmwareqcs6490_firmwaresd870_firmwaresdx70m_firmwareqca6391_firmwaresd750g_firmwaresd780g_firmwarewcd9370_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwaresd888_5g_firmwarewsa8835_firmwarewcn6850_firmwarewcn7850_firmwarewcn6750_firmwarear8035_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2022-32082
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.84% / 76.39%
||
7 Day CHG+0.35%
Published-01 Jul, 2022 | 00:00
Updated-03 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc.

Action-Not Available
Vendor-n/aMariaDB FoundationFedora Project
Product-mariadbfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-33250
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.57%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in Modem

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830qca8337qca6431_firmwaresnapdragon_4_gen_1_firmwarewcd9360_firmwaresdx65sd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6426wcn3998wcd9385_firmwaresdxr2_5g_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwaresm7315_firmwarewcn7850qca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcd9360qca6436_firmwaresd778gsa515m_firmwareqcs6490wcn7851sdxr2_5gwcn3988_firmwareqca6421sd778g_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851qca8081wcn7851_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwaresdx70m_firmwareqca6390ar8035sd750g_firmwarewcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_4_gen_1qcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315sm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835qcx315_firmwarewcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcn6750sa515msd855wsa8815sm7325p_firmwarewcn6850sdx57m_firmwaresd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwareqcn9024sm7315qca6391sdx55mqca6421_firmwarewcn6740_firmwaresdx65_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwareqca6574auqcn9024_firmwaresdx57mwcd9341_firmwaresd480sd870wsa8810wcn6855wcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareqcn6024sdx70msm7250par8035_firmwareSnapdragonwcn3991_firmwareqca8337_firmwarewcd9380_firmwareqca6431_firmwaresdx55m_firmwarewcn6856_firmwaresnapdragon_4_gen_1_firmwarewcd9360_firmwareqcx315_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5g_firmwarewcn6855_firmwarewcd9385_firmwaresdxr2_5g_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwaresm7325p_firmwaresdx57m_firmwareqca6426_firmwaresm7315_firmwareqca6574a_firmwareqca6574au_firmwaresd768g_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqca6436_firmwareqca6421_firmwarewcn6740_firmwaresdx65_firmwaresa515m_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwaresd778g_firmwareqcn9024_firmwarewsa8810_firmwarewcd9341_firmwaresd765_firmwarewcn7851_firmwaresd695_firmwareqca6696_firmwareqcs6490_firmwaresd870_firmwaresdx70m_firmwareqca6391_firmwaresd750g_firmwaresd780g_firmwarewcd9370_firmwaresd888_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwaresd888_5g_firmwarewsa8835_firmwarewcn6850_firmwarewcn7850_firmwarewcn6750_firmwarear8035_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2022-33024
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.99% / 58.11%
||
7 Day CHG~0.00%
Published-22 Jun, 2022 | 13:33
Updated-03 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-53429
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.71% / 49.06%
||
7 Day CHG~0.00%
Published-21 Nov, 2024 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Open62541 v1.4.6 is has an assertion failure in fuzz_binary_decode, which leads to a crash.

Action-Not Available
Vendor-n/aopen62541
Product-n/aopen62541
CWE ID-CWE-617
Reachable Assertion
CVE-2022-27382
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.55% / 71.97%
||
7 Day CHG+0.07%
Published-12 Apr, 2022 | 19:14
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order.

Action-Not Available
Vendor-n/aMariaDB Foundation
Product-mariadbn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-27448
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.15% / 79.91%
||
7 Day CHG+0.06%
Published-14 Apr, 2022 | 12:56
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc.

Action-Not Available
Vendor-n/aMariaDB FoundationDebian GNU/Linux
Product-debian_linuxmariadbn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-26446
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.05% / 60.12%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-01 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.

Action-Not Available
Vendor-MediaTek Inc.
Product-nr15mt6725mt6763mt6789mt8766mt6769mt6833mt6875mt6762dmt8667mt6762mt6769tmt2731mt6853mt6889mt6297mt6890mt6891mt6877mt6765mt8789mt8768lr13mt8385mt6781mt6769zmt6883mt6762mmt6855mt8675mt8791mt6880mt8666mt6765tmt6767mt6785mt8797lr12amt6761nr16mt6785tmt6873mt6779mt2735mt6893mt6768mt6771mt6783mt6879mt8788mt6895mt6983mt8765mt8786mt6885mt6739MT2731, MT2735, MT6297, MT6725, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25691
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.85%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqca8081_firmwarewsa8835wcn3998qcn6024_firmwareqca8337_firmwarewsa8810_firmwarewsa8815_firmwaresd695_firmwarewcd9380wcn7850wcd9385wcn7850_firmwaresd695sdx65wcd9385_firmwaresd480_firmwaresm4375wcd9375qca8081wcd9375_firmwarear8035_firmwarewsa8810wcn6856_firmwarewsa8830wcn6856wsa8815sm8475wcn3988wsa8835_firmwaresd480sm4375_firmwarewcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024wcn3998_firmwarewcn6855wcn3988_firmwarewcd9370_firmwarewcn7851sdx65_firmwareqcn6024wsa8830_firmwarewcd9370qca8337sd_8_gen1_5g_firmwareSnapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25671
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.43% / 34.77%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to reachable assertion in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar8035_firmwarewcd9380_firmwarewcn6856_firmwarewsa8830wcn6856sm8475qca8081_firmwarewsa8835_firmwarewsa8835wcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024qcn6024_firmwareqca8337_firmwarewcn6855wcn7851sdx65_firmwarewcd9380wcn7850qcn6024wcn7850_firmwarewsa8830_firmwaresdx65qca8337sd_8_gen1_5g_firmwareqca8081Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2022-24777
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.13% / 62.49%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 16:35
Updated-23 Apr, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service via reachable assertion in grpc-swift

grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This is due to incorrect logic when handling GOAWAY frames. The attack is low-effort: it takes very little resources to construct and send the required sequence of frames. The impact on availability is high as the server will crash, dropping all in flight connections and requests. This issue is fixed in version 1.7.2. There are currently no known workarounds.

Action-Not Available
Vendor-grpcThe Linux Foundation
Product-grpc_swiftgrpc-swift
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25672
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.57%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqca8081_firmwarewsa8835wcn3998qcn6024_firmwareqca8337_firmwarewsa8810_firmwarewsa8815_firmwaresd695_firmwarewcd9380wcn7850wcd9385wcn7850_firmwaresd695sdx65wcd9385_firmwaresd480_firmwaresm4375wcd9375qca8081wcd9375_firmwarear8035_firmwarewsa8810wcn6856_firmwarewsa8830wcn6856wsa8815sm8475wcn3988wsa8835_firmwaresd480sm4375_firmwarewcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024wcn3998_firmwarewcn6855wcn3988_firmwarewcd9370_firmwarewcn7851sdx65_firmwareqcn6024wsa8830_firmwarewcd9370qca8337sd_8_gen1_5g_firmwareSnapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2024-47522
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.58% / 43.34%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 19:40
Updated-02 Apr, 2026 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Suricata ja4: invalid alpn leads to panic

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. One may disable ja4 as a workaround.

Action-Not Available
Vendor-oisfOISF
Product-suricatasuricata
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25689
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.85%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Modem due to reachable assertion in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar8035_firmwarewcd9380_firmwarewcn6856_firmwarewcn6856qca8081_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024qcn6024_firmwarewcn6855qca8337_firmwaresdx65_firmwarewcd9380qcn6024sdx65qca8337qca8081Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25702
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.85%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcd9340_firmwarewcn3615_firmwaresd429_firmwareapq8037_firmwareapq8009sd855_firmwaresdx50mqcn6024_firmwaresdx55qca6421wcn3610_firmwarewcn7850qca6426_firmwaremsm8937wcn3660bwcn3660b_firmwaresm4375sd205_firmwarewsa8830sd768gwcn6740_firmwarewcn6856wsa8815qca6390sda429w_firmwaresdx50m_firmwarewcn3680bsd480wcn7851_firmwarewcn3620_firmwaresd855wcd9340wcn6850sdx55_firmwaremsm8608sdxr2_5g_firmwareapq8037qcn6024sd765g_firmwarewcn3680b_firmwaremsm8108_firmwaresd865_5g_firmwareqca6421_firmwareapq8017_firmwaresdm429w_firmwarewcn6750msm8917_firmwaresd695_firmwarewcd9380msm8108qca6431_firmwaremsm8208sd695sd480_firmwareqca8081wcd9375_firmwarear8035_firmwaresd888sm7315_firmwarewcn6856_firmwaresd870aqt1000qca6390_firmwarear8035qcn9024_firmwarewcn6855_firmwarewcn6855sd780g_firmwareqcx315_firmwaresdx65_firmwaresd870_firmwaresa515mqca6431sa515m_firmwarewcd9370sd888_firmwarewcn3980sd429sd439_firmwaresd690_5gsm7315qca8081_firmwaresd765_firmwaresd765gwsa8835sdx55mmsm8208_firmwaremsm8917wcn3998wcn6850_firmwarewsa8810_firmwareqca8337_firmwarewsa8815_firmwarewcn3991_firmwarewcn6740msm8608_firmwarewcd9385qca6436wcn7850_firmwaresdx65wcd9385_firmwarewcn6750_firmwarewsa8810sd210aqt1000_firmwarewsa8835_firmwaresm4375_firmwaresm7250p_firmwareapq8009_firmwareqca6391qcn9024wcn3991wcn3998_firmwarewcn6851wcd9370_firmwaresd439sda429wqcx315sd210_firmwarewsa8830_firmwareqca8337sd_8_gen1_5g_firmwarefsm10055_firmwaresdxr2_5gfsm10055wcd9341wcn3980_firmwarewcn6851_firmwaresdm429wwcd9326qca6391_firmwaresd205wcd9326_firmwaresm7250pmsm8937_firmwarewcn3610msm8209apq8017wcd9375sd750g_firmwaresd865_5gsd780gqca6426sdx55m_firmwaresd690_5g_firmwaresm8475wcn3988wcn3615sd750gwcn3620sd765sd768g_firmwarewcn3988_firmwarewcn7851msm8209_firmwareqca6436_firmwarewcd9341_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25692
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.85%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd429wcd9380_firmwareqca6595au_firmwaresd429_firmwaresd690_5gqca8081_firmwaresd765_firmwaresd765gwsa8835sdx55mwcn3998wcn6850_firmwareqcn6024_firmwareqcs6490sdx55wsa8810_firmwareqca8337_firmwarewsa8815_firmwarewcn3991_firmwareqca6696wcn6740wcn3610_firmwarewcn7850wcd9385wcn3660bwcn7850_firmwaresdx65wcd9385_firmwarewcn3660b_firmwaresm4375wcn6750_firmwarewsa8810wcd9360_firmwarewcd9341_firmwarewsa8830sd888_5gsd768gwcn6740_firmwarewcn6856wsa8815qca6390sda429w_firmwarewcn3680bwsa8835_firmwaresd480wcn7851_firmwarewcn3620_firmwaresm4375_firmwaresm7250p_firmwareqcs6490_firmwareqca6391qcn9024wcn3991wcn3998_firmwarewcn6850wcn6851sdx55_firmwaresd778g_firmwarewcd9370_firmwareqca6574a_firmwareqcm6490sda429wqcn6024sdx57mqcx315sd888_5g_firmwarewsa8830_firmwareqca8337sd765g_firmwarewcn3680b_firmwareqca6574asd_8_gen1_5g_firmwaresd865_5g_firmwarewcd9341wcn3980_firmwarewcn6851_firmwaresdm429w_firmwaresdm429wwcn6750sm7325pqca6391_firmwaresm7250psd695_firmwarewcd9380wcn3610sd695sd480_firmwarewcd9375qca8081wcd9375_firmwarear8035_firmwareqca6696_firmwaresd865_5gsm7325p_firmwaresd780gwcn6856_firmwaresd870sdx57m_firmwaresdx55m_firmwaresd690_5g_firmwaresm8475sd778gwcn3988qca6390_firmwarear8035qcn9024_firmwarewcn6855_firmwarewcn3620sd765sd768g_firmwarewcd9360wcn6855sd780g_firmwareqcx315_firmwarewcn3988_firmwarewcn7851sdx65_firmwaresd870_firmwareqcm6490_firmwaresa515msa515m_firmwareqca6595auwcd9370wcn3980Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2024-45795
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.53% / 41.16%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 18:34
Updated-02 Apr, 2026 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Suricata detect/datasets: reachable assertion with unimplemented rule option

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service. This issue is addressed in 7.0.7. As a workaround, use only trusted and well tested rulesets.

Action-Not Available
Vendor-oisfOISF
Product-suricatasuricata
CWE ID-CWE-617
Reachable Assertion
CVE-2025-8804
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.73% / 49.61%
||
7 Day CHG~0.00%
Published-10 Aug, 2025 | 10:02
Updated-15 Aug, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open5GS AMF ngap_build_downlink_nas_transport assertion

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-open5gsn/a
Product-open5gsOpen5GS
CWE ID-CWE-617
Reachable Assertion
CVE-2022-29339
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.14% / 62.74%
||
7 Day CHG+0.02%
Published-05 May, 2022 | 12:44
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-45396
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.56% / 42.55%
||
7 Day CHG~0.00%
Published-11 Oct, 2024 | 14:36
Updated-12 Nov, 2024 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Quicly assertion failures

Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit 2a95896104901589c495bc41460262e64ffcad5c.

Action-Not Available
Vendor-denah2oh2o_project
Product-quiclyquiclyquicly
CWE ID-CWE-617
Reachable Assertion
CVE-2022-23610
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.67% / 47.46%
||
7 Day CHG~0.00%
Published-16 Mar, 2022 | 17:40
Updated-23 Apr, 2025 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Verification of Cryptographic Signature in wire-server

wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without SCIM, it was possible to create new accounts with fake SAML credentials. Under certain conditions that can be established by an attacker, an upstream library for parsing, rendering, signing, and validating SAML XML data was accepting public keys as trusted that were provided by the attacker in the signature. As a consequence, the attacker could login as any user in any Wire team with SAML SSO enabled. If SCIM was not enabled, the attacker could also create new users with new SAML NameIDs. In order to exploit this vulnerability, the attacker needs to know the SSO login code (distributed to all team members with SAML credentials and visible in the Team Management app), the SAML EntityID identifying the IdP (a URL not considered sensitive, but usually hard to guess, also visible in Team Management), and the SAML NameID of the user (usually an email address or a nick). The issue has been fixed in wire-server `2022-01-27` and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to `2022-01-27`, so that their backends are no longer affected. There are currently no known workarounds. More detailed information about how to reproduce the vulnerability and mitigation strategies is available in the GitHub Security Advisory.

Action-Not Available
Vendor-wirewireapp
Product-wire-serverwire-server
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2024-45403
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-3.7||LOW
EPSS-0.63% / 45.84%
||
7 Day CHG~0.00%
Published-11 Oct, 2024 | 14:28
Updated-12 Nov, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
H2O assertion failure when HTTP/3 requests are cancelled

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, the h2o standalone server automatically restarts, minimizing the impact. However, HTTP requests that were served concurrently will still be disrupted. The vulnerability has been addressed in commit 1ed32b2. Users may disable the use of HTTP/3 to mitigate the issue.

Action-Not Available
Vendor-denah2o
Product-h2oh2o
CWE ID-CWE-617
Reachable Assertion
CVE-2024-42645
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.50% / 38.87%
||
7 Day CHG+0.02%
Published-29 Jul, 2025 | 00:00
Updated-06 Aug, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in FlashMQ v1.14.0 allows attackers to cause an assertion failure via sending a crafted retain message, leading to a Denial of Service (DoS).

Action-Not Available
Vendor-flashmqn/a
Product-flashmqn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-25041
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.13% / 79.69%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 05:16
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

Action-Not Available
Vendor-nlnetlabsn/aDebian GNU/Linux
Product-unbounddebian_linuxn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-42644
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.50% / 38.87%
||
7 Day CHG+0.02%
Published-29 Jul, 2025 | 00:00
Updated-06 Aug, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0.

Action-Not Available
Vendor-flashmqn/a
Product-flashmqn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-28905
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.42% / 69.64%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 18:36
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL. But in some cases, node->module can be null, which triggers a reachable assertion (CWE-617).

Action-Not Available
Vendor-cesnetn/a
Product-libyangn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-18844
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.74% / 74.98%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 19:12
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion failure) within pci core. This is fixed in 1.2. 6199e653418e is a mitigation for pre-1.1 versions, whereas 2b3dedfb9ba1 is a mitigation for 1.1.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-acrnn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2022-29228
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.17% / 63.69%
||
7 Day CHG~0.00%
Published-09 Jun, 2022 | 19:20
Updated-23 Apr, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable assertion in Envoy

Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter would try to invoke the remaining filters in the chain after emitting a local response, which triggers an ASSERT() in newer versions and corrupts memory on earlier versions. continueDecoding() shouldn’t ever be called from filters after a local reply has been sent. Users are advised to upgrade. There are no known workarounds for this issue.

Action-Not Available
Vendor-envoyproxyenvoyproxy
Product-envoyenvoy
CWE ID-CWE-617
Reachable Assertion
CWE ID-CWE-416
Use After Free
CVE-2019-14022
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.79% / 51.92%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Error occurs While extracting the ipv6_header having an invalid length due to lack of length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8096AU, MDM9205, MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausm7150msm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660sc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607sdm710_firmwaremsm8937msm8905sm8150_firmwaremsm8909apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8096au_firmwaremsm8917_firmwaresm8150sdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35969
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.38% / 30.29%
||
7 Day CHG+0.02%
Published-16 Sep, 2022 | 20:45
Updated-23 Apr, 2025 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `Conv2DBackpropInput` in TensorFlow

TensorFlow is an open source platform for machine learning. The implementation of `Conv2DBackpropInput` requires `input_sizes` to be 4-dimensional. Otherwise, it gives a `CHECK` failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 50156d547b9a1da0144d7babe665cf690305b33c. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2022-35997
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.40% / 32.44%
||
7 Day CHG+0.02%
Published-16 Sep, 2022 | 22:15
Updated-23 Apr, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK` fail in `tf.sparse.cross` in TensorFlow

TensorFlow is an open source platform for machine learning. If `tf.sparse.cross` receives an input `separator` that is not a scalar, it gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 83dcb4dbfa094e33db084e97c4d0531a559e0ebf. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-617
Reachable Assertion
CVE-2024-34475
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.61% / 44.96%
||
7 Day CHG~0.00%
Published-04 May, 2024 | 00:00
Updated-22 Apr, 2025 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: gmm_state_authentication in amf/gmm-sm.c for != OGS_ERROR.

Action-Not Available
Vendor-open5gsn/aopen5gs
Product-open5gsn/aopen5gs
CWE ID-CWE-617
Reachable Assertion
CVE-2022-22060
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.38% / 30.25%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Assertion occurs while processing Reconfiguration message due to improper validation

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sm7325-ae_firmware315_5g_iot_modem_firmwareqca8337wcn785x-5qca6431_firmwarewcd9360_firmwaresm7250-ac_firmwareqca6595au_firmwareqca6390_firmwaresm8350wcd9370qca6426wcn685x-1sm7350-ab_firmwaresm8450sm4375wcn3998sm8250-abwcd9385_firmwareqcn6024_firmwaresm6375_firmwaresm7325-afsm7315_firmwaresm7325-aesnapdragon_x55_5g_modem-rf_systemqca6574au_firmwaresdx55_firmwareqca6595auwcn3998_firmwareqca8081_firmwaresm7325-af_firmwaresm7250p_firmwarewcd9375_firmwarewcd9360qca6436_firmwaresm4350-acsnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcs6490qca6698aqsm8250_firmwaresm7250-ab_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemqca6421sm7250-aawsa8810_firmwaresm4375_firmwaresm8450_firmwareqca6436qca8081qca6698aq_firmwarewcn685x-1_firmwarewcd9385sm8150_firmwaresxr2130_firmwarewcd9341qca6431qca6696_firmwareqcs6490_firmwareqca6390ar8035sm4350_firmwarewcd9375sm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresm7225_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqcm6490sm8150wcn3988wsa8815_firmwarewsa8835_firmwaresm7350-absm8475wcn6750_firmwarewcn785x-1sm6375wcn3991qca8337_firmwarewcd9380_firmwaresd865_5gsm8350-ac_firmwaresm8150-acsd888wsa8835snapdragon_7c\+_gen_3_computesnapdragon_auto_5g_modem-rfwcd9380sxr2130qca6574awcn685x-5_firmwaresm7325psm7325wcn6750sm7225sm7250-absd855wsa8815sm7325p_firmwaresdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca6574a_firmwareqcn9024wcn785x-5_firmwaresm7315sm8250-ab_firmwareqca6391snapdragon_x55_5g_modem-rf_system_firmwareqca6421_firmwaresm6350sm8475_firmwarewcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemqcm6490_firmwaresm8350_firmwarewcn685x-5sm6350_firmwarewcn785x-1_firmwareqca6574auqcn9024_firmwaresdx57mwcd9341_firmwarewsa8810sm7250-aa_firmwaresm7250-acsm8150-ac_firmwaresm8350-acwcn6740qca6696qca6391_firmwaresm4350wcd9370_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresm8250qcn6024sm7250par8035_firmwaresm7325_firmwareSnapdragonwcn6740_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca8337_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platform_firmwarewcd9380_firmware315_5g_iot_modem_firmwareqcm6490_firmwarewsa8835_firmwareqca6431_firmwarefastconnect_6900_firmwarewcd9360_firmwarewcn3988_firmwarefastconnect_6700_firmwareqcn9024_firmwarewsa8810_firmwaresnapdragon_888_5g_mobile_platform_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwaresnapdragon_480_5g_mobile_platform_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareqca6391_firmwarewcd9385_firmwareqcn6024_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresd888_firmwaresm7325p_firmwarewsa8830_firmwaresdx57m_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewsa8815_firmwaresm7315_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwareqca8081_firmwarefastconnect_6800_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm7250p_firmwarewcd9375_firmwareqca6436_firmwarear8035_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6421_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2024-31744
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.74% / 50.01%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file.

Action-Not Available
Vendor-n/aJasPer
Product-n/ajasper
CWE ID-CWE-617
Reachable Assertion
CVE-2024-32475
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.68% / 47.86%
||
7 Day CHG~0.00%
Published-18 Apr, 2024 | 14:18
Updated-04 Sep, 2025 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Envoy RELEASE_ASSERT using auto_sni with :authority header > 255 bytes

Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when setting SNI for outbound TLS connection. The error can occur when Envoy attempts to use the `host`/`:authority` header value longer than 255 characters as SNI for outbound TLS connection. SNI length is limited to 255 characters per the standard. Envoy always expects this operation to succeed and abnormally aborts the process when it fails. This vulnerability is fixed in 1.30.1, 1.29.4, 1.28.3, and 1.27.5.

Action-Not Available
Vendor-envoyproxyenvoyproxyenvoyproxy
Product-envoyenvoyenvoy
CWE ID-CWE-253
Incorrect Check of Function Return Value
CWE ID-CWE-617
Reachable Assertion
CVE-2019-10894
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.59% / 91.95%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 03:50
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/LinuxCanonical Ltd.Fedora ProjectopenSUSE
Product-ubuntu_linuxdebian_linuxfedorawiresharkleapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2025-48704
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 18.44%
||
7 Day CHG~0.00%
Published-25 Dec, 2025 | 00:00
Updated-05 Jan, 2026 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a denial of service.

Action-Not Available
Vendor-pexipPexip
Product-pexip_infinityInfinity
CWE ID-CWE-617
Reachable Assertion
CVE-2025-47913
Matching Score-4
Assigner-Go Project
ShareView Details
Matching Score-4
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.59% / 43.98%
||
7 Day CHG+0.01%
Published-13 Nov, 2025 | 21:29
Updated-09 Jan, 2026 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Potential denial of service in golang.org/x/crypto/ssh/agent

SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.

Action-Not Available
Vendor-golang.org/x/cryptoGo
Product-sshgolang.org/x/crypto/ssh/agent
CWE ID-CWE-617
Reachable Assertion
CVE-2021-24029
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-1.19% / 64.06%
||
7 Day CHG~0.00%
Published-15 Mar, 2021 | 21:15
Updated-03 Aug, 2024 | 19:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit a67083ff4b8dcbb7ee2839da6338032030d712b0 and proxygen versions prior to v2021.03.15.00.

Action-Not Available
Vendor-Facebook
Product-proxygenmvfstproxygenmvfst
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25673
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.57%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar8035_firmwarewcd9380_firmwarewcn6856_firmwarewsa8830wcn6856sm8475qca8081_firmwarewsa8835_firmwarewsa8835wcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024qcn6024_firmwareqca8337_firmwarewcn6855wcn7851sdx65_firmwarewcd9380wcn7850qcn6024wcn7850_firmwarewsa8830_firmwaresdx65qca8337sd_8_gen1_5g_firmwareqca8081Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2024-23385
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 15.44%
||
7 Day CHG-0.00%
Published-04 Nov, 2024 | 10:04
Updated-07 Nov, 2024 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055snapdragon_8_gen_1_mobile_platformwsa8830qca8337fsm10056qfw7124sg8275p_firmwarewcd9360_firmwareqcn6224_firmwarefsm10055_firmwarewsa8840snapdragon_212_mobile_platformwcn3950_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_x70_modem-rf_systemsnapdragon_480_5g_mobile_platformwcd9370snapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqca6584au_firmwaresnapdragon_8_gen_2_mobile_platformmsm8108wcd9385_firmwaremsm8108_firmwarewcn3950wcd9326_firmwareqcn6024_firmwarewcn3615_firmwarefastconnect_6200wcn3660bapq8037snapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcn3680b_firmwaresnapdragon_208_processor_firmwaresdx71m_firmwaresnapdragon_212_mobile_platform_firmwarewsa8845h_firmwarewcn3615wcd9375_firmwaresnapdragon_8_gen_3_mobile_platformsdx55_firmwaresnapdragon_425_mobile_platformwcn3610_firmwarewcd9360snapdragon_429_mobile_platformqfw7114qca8081_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsnapdragon_208_processorsnapdragon_x70_modem-rf_system_firmwarewsa8840_firmwaresnapdragon_439_mobile_platformqca6698aqqcs8550_firmwaresm8635wcn3988_firmwaresnapdragon_8\+_gen_1_mobile_platformwcd9340fastconnect_6700_firmwareapq8017_firmwarewsa8810_firmwareqcn6224wsa8845hwcn6755wcd9395_firmwarewcd9326snapdragon_x75_5g_modem-rf_systemsnapdragon_x62_5g_modem-rf_systemfsm10056_firmwareqca8081sdx71msnapdragon_x35_5g_modem-rf_systemsnapdragon_auto_5g_modem-rf_gen_2qcm4490qca6698aq_firmwaremsm8209_firmwareqca6174a_firmwarewcd9385snapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwarear8035wcd9375snapdragon_210_processor_firmwaresnapdragon_430_mobile_platformwcd9390qcc710_firmwarewsa8830_firmwarewcn3620_firmwarewsa8815_firmwarewcn3988wsa8835_firmwarewcn3620apq8017snapdragon_8_gen_2_mobile_platform_firmwarewcn3610msm8608wcd9380_firmwareqca8337_firmwaresdm429wqcm8550ar8035_firmwarewsa8835sdm429w_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewcd9380qcn6274snapdragon_wear_4100\+_platform_firmwaresnapdragon_x72_5g_modem-rf_system_firmwarefastconnect_6700snapdragon_210_processorsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresnapdragon_wear_4100\+_platformsm8635_firmwareqca6574asnapdragon_430_mobile_platform_firmwareqca6174asg8275pwcn3980sm6370_firmwareqfw7114_firmwarewsa8845wcd9340_firmwarewsa8815sdx57m_firmwarewsa8845_firmware205_mobile_platform_firmwaresnapdragon_4_gen_1_mobile_platformsnapdragon_439_mobile_platform_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareqcn9024msm8209wcn3980_firmwarefastconnect_7800snapdragon_x35_5g_modem-rf_system_firmwaresmart_audio_200_platformqcm4490_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_x65_5g_modem-rf_systemqca6574au_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900fastconnect_6900_firmwareqca6574ausmart_audio_200_platform_firmwareqcn9024_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformwsa8810fastconnect_7800_firmwarewsa8832snapdragon_8_gen_1_mobile_platform_firmwaresm8550psm6370wcn3680bsdx61qcc710qcs4490wcd9395205_mobile_platformqca6696qcs8550wcd9370_firmwaresm8550p_firmwaremsm8608_firmwaresdx55wcd9390_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqcn6024apq8037_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_8\+_gen_1_mobile_platform_firmwareqca6595auqfw7124_firmwareqep8111sdx61_firmwaresnapdragon_480\+_5g_mobile_platformSnapdragonqca8337_firmwarewcd9380_firmwaresg8275p_firmwarewcd9360_firmwarear8035_firmwarefsm10055_firmwareqcn6224_firmwarefastconnect_6200_firmwaresdm429w_firmwarewcn3950_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresm8635_firmwaresnapdragon_430_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwaresm6370_firmwareqfw7114_firmwaremsm8108_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwarewcn3615_firmwarewcd9340_firmwaresdx57m_firmwarewsa8845_firmwaresnapdragon_439_mobile_platform_firmwarewcn3660b_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresdx71m_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwareqca8081_firmwarewcd9375_firmwarewcn3680b_firmwarewsa8845h_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3610_firmwarewcn3980_firmwareqca6574a_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcm4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_x70_modem-rf_system_firmwarewsa8840_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqcs8550_firmwarewcn3988_firmwaresmart_audio_200_platform_firmwarefastconnect_6700_firmwareqcn9024_firmwareapq8017_firmwarewsa8810_firmwarefastconnect_7800_firmwarefsm10056_firmwarewcd9395_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwaremsm8209_firmwareqca6174a_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwaremsm8608_firmwaresm8550p_firmwaresnapdragon_210_processor_firmwarewcd9370_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwarewcn3620_firmwareapq8037_firmwarewsa8815_firmwarewsa8835_firmwaresdx61_firmwareqfw7124_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2024-24427
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 30.58%
||
7 Day CHG~0.00%
Published-21 Jan, 2025 | 00:00
Updated-24 Jan, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion in the amf_ue_set_suci function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Action-Not Available
Vendor-open5gsn/a
Product-open5gsn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-24428
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.55%
||
7 Day CHG~0.00%
Published-21 Jan, 2025 | 00:00
Updated-24 Jan, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.

Action-Not Available
Vendor-open5gsn/a
Product-open5gsn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-24420
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.58% / 43.64%
||
7 Day CHG~0.00%
Published-21 Jan, 2025 | 00:00
Updated-03 Jul, 2025 | 00:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion in the decode_linked_ti_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-magman/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-24430
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.75% / 50.50%
||
7 Day CHG~0.00%
Published-22 Jan, 2025 | 00:00
Updated-22 Apr, 2025 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion in the mme_ue_find_by_imsi function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Action-Not Available
Vendor-open5gsn/a
Product-open5gsn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-20094
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-0.72% / 49.49%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 02:35
Updated-25 Apr, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6890mt6891mt8771mt6875mt8675mt6873mt6885mt8791tmt6883nr15mt6853mt6889mt6877mt6875tmt6893mt8791mt8797mt2735mt6833mt6855mt6880MT2735, MT6833, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797mt6855mt6873mt6893mt8675mt2735mt6890mt6833mt6885mt8791tmt6877mt6891mt6883mt6853mt6875tmt6880mt6875mt8797mt6889mt8791mt8771
CWE ID-CWE-617
Reachable Assertion
CVE-2016-9399
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.76% / 88.57%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 18:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

Action-Not Available
Vendor-n/aJasPeropenSUSEFedora Project
Product-leapjasperfedoran/a
CWE ID-CWE-617
Reachable Assertion
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found