Search
Total
151 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13746 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2021-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
| CVE-2017-13752 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2021-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
| CVE-2017-13747 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2021-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
| CVE-2017-13749 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2021-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
| CVE-2017-13750 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2021-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
| CVE-2017-13745 | 1 Jasper Project | 1 Jasper | 2021-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154. | |||||
| CVE-2018-15822 | 1 Ffmpeg | 1 Ffmpeg | 2021-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure. | |||||
| CVE-2019-18844 | 1 Linux | 1 Acrn | 2020-11-09 | 5.0 MEDIUM | 7.5 HIGH |
| The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion failure) within pci core. This is fixed in 1.2. 6199e653418e is a mitigation for pre-1.1 versions, whereas 2b3dedfb9ba1 is a mitigation for 1.1. | |||||
| CVE-2019-10894 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2020-11-02 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called. | |||||
| CVE-2020-8617 | 2 Debian, Isc | 2 Debian Linux, Bind | 2020-10-20 | 5.0 MEDIUM | 7.5 HIGH |
| Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results. | |||||
| CVE-2020-11135 | 1 Qualcomm | 54 Apq8098, Apq8098 Firmware, Kamorta and 51 more | 2020-09-14 | 7.8 HIGH | 7.5 HIGH |
| u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, Kamorta, MSM8917, MSM8953, Nicobar, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | |||||
| CVE-2019-6469 | 1 Isc | 1 Bind | 2020-08-24 | 4.3 MEDIUM | 7.5 HIGH |
| An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition. | |||||
| CVE-2019-12312 | 1 Libreswan | 1 Libreswan | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expected IKE_AUTH exchange. This affects send_v2N_spi_response_from_state() in programs/pluto/ikev2_send.c that will then trigger a NULL pointer dereference leading to a restart of libreswan. | |||||
| CVE-2019-1010173 | 1 Jsish | 1 Jsish | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function Jsi_ValueArrayIndex (jsiValue.c:366). The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3. | |||||
| CVE-2016-8864 | 4 Debian, Isc, Netapp and 1 more | 11 Debian Linux, Bind, Data Ontap Edge and 8 more | 2020-08-17 | 5.0 MEDIUM | 7.5 HIGH |
| named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. | |||||
| CVE-2017-11692 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string. | |||||
| CVE-2020-3645 | 1 Qualcomm | 46 Ipq6018, Ipq6018 Firmware, Ipq8074 and 43 more | 2020-06-03 | 7.8 HIGH | 7.5 HIGH |
| Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, QCS605, Rennell, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130 | |||||
| CVE-2020-13622 | 1 Jerryscript | 1 Jerryscript | 2020-05-27 | 5.0 MEDIUM | 7.5 HIGH |
| JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data. | |||||
| CVE-2019-14022 | 1 Qualcomm | 80 Apq8096au, Apq8096au Firmware, Mdm9205 and 77 more | 2020-04-22 | 7.8 HIGH | 7.5 HIGH |
| Error occurs While extracting the ipv6_header having an invalid length due to lack of length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8096AU, MDM9205, MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | |||||
| CVE-2020-3651 | 1 Qualcomm | 80 Apq8009, Apq8009 Firmware, Apq8017 and 77 more | 2020-04-22 | 7.8 HIGH | 7.5 HIGH |
| Active command timeout since WM status change cmd is not removed from active queue if peer sends multiple deauth frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCM2150, QCN7605, QCS605, QM215, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130 | |||||
| CVE-2018-7713 | 1 Opencv | 1 Opencv | 2020-02-10 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.width <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.” | |||||
| CVE-2018-7712 | 1 Opencv | 1 Opencv | 2020-02-10 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.” | |||||
| CVE-2018-7714 | 1 Opencv | 1 Opencv | 2020-02-10 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.” | |||||
| CVE-2019-14049 | 1 Qualcomm | 42 Apq8017, Apq8017 Firmware, Apq8053 and 39 more | 2020-02-10 | 7.2 HIGH | 7.8 HIGH |
| Stage-2 fault will occur while writing to an ION system allocation which has been assigned to non-HLOS memory which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MSM8953, QCN7605, QCS605, SC8180X, SDA845, SDM429, SDM439, SDM450, SDM632, SDX20, SDX24, SDX55, SM8150, SXR1130 | |||||
| CVE-2015-8012 | 1 Lldpd Project | 1 Lldpd | 2020-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet. | |||||
| CVE-2020-6619 | 1 Nothings | 1 Stb Truetype.h | 2020-01-10 | 6.8 MEDIUM | 8.8 HIGH |
| stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek. | |||||
| CVE-2020-6623 | 1 Nothings | 1 Stb Truetype.h | 2020-01-10 | 6.8 MEDIUM | 8.8 HIGH |
| stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index. | |||||
| CVE-2020-6617 | 1 Nothings | 1 Stb Truetype.h | 2020-01-10 | 6.8 MEDIUM | 8.8 HIGH |
| stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int. | |||||
| CVE-2019-6467 | 1 Isc | 1 Bind | 2019-12-18 | 5.0 MEDIUM | 7.5 HIGH |
| A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch. | |||||
| CVE-2019-6468 | 1 Isc | 1 Bind | 2019-12-18 | 5.0 MEDIUM | 7.5 HIGH |
| In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected. | |||||
| CVE-2011-3596 | 2 Debian, Polipo Project | 2 Debian Linux, Polipo | 2019-12-04 | 5.0 MEDIUM | 7.5 HIGH |
| Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request. | |||||
| CVE-2018-5742 | 2 Isc, Redhat | 2 Bind, Enterprise Linux | 2019-11-07 | 4.3 MEDIUM | 7.5 HIGH |
| While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 -> bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also be affected. | |||||
| CVE-2018-5735 | 1 Debian | 1 Debian Linux | 2019-11-06 | 5.0 MEDIUM | 7.5 HIGH |
| The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar backports for the fix for 2017-3137 may also be affected. | |||||
| CVE-2019-6476 | 1 Isc | 1 Bind | 2019-10-24 | 5.0 MEDIUM | 7.5 HIGH |
| A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4. | |||||
| CVE-2018-5737 | 2 Isc, Netapp | 3 Bind, Cloud Backup, Data Ontap Edge | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1. | |||||
| CVE-2018-5734 | 2 Isc, Netapp | 3 Bind, Data Ontap Edge, Solidfire Element Os Management Node | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2. | |||||
| CVE-2017-3137 | 4 Debian, Isc, Netapp and 1 more | 11 Debian Linux, Bind, Data Ontap Edge and 8 more | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8. | |||||
| CVE-2017-7605 | 1 Libaacplus Project | 1 Libaacplus | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | |||||
| CVE-2017-8915 | 1 Sap | 1 Hana Xs | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of service (assertion failure and service crash) by pushing a package with a filename containing a $ (dollar sign) or % (percent) character, aka SAP Security Note 2407694. | |||||
| CVE-2017-12960 | 1 Gnu | 1 Pspp | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | |||||
| CVE-2017-12959 | 1 Gnu | 1 Pspp | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack. | |||||
| CVE-2017-0376 | 2 Debian, Torproject | 2 Debian Linux, Tor | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit. | |||||
| CVE-2017-0375 | 1 Torproject | 1 Tor | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell. | |||||
| CVE-2018-12504 | 1 Tinyexr Project | 1 Tinyexr | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. | |||||
| CVE-2018-12687 | 1 Tinyexr Project | 1 Tinyexr | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. | |||||
| CVE-2018-14044 | 1 Surina | 1 Soundtouch | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | |||||
| CVE-2018-14045 | 1 Surina | 1 Soundtouch | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | |||||
| CVE-2017-17432 | 2 Debian, Openafs | 2 Debian Linux, Openafs | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value. | |||||
| CVE-2018-17231 | 1 Telegram | 1 Telegram Desktop | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack scenario does not cross a privilege boundary. | |||||
| CVE-2018-19963 | 1 Xen | 1 Xen | 2019-10-03 | 6.9 MEDIUM | 7.8 HIGH |
| An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled. | |||||