FlexRIC security vulnerabilities

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from handling RICINDICATION messages that do not contain the ranfuncid field, causing an assert to be triggered or null pointer...

CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

CVE-2026-40223

In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User= unit exists and is running...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56705)

media: atomisp: In iacss3astatisticsallocate, there is no check on the allocation result of the rgbydata memory. If rgbydata is not successfully allocated, it may trigger the asserthoststats-rgbydata assertion in iacsss3ahmemdecode. This plugin only works with Tenable.ot. Please visit...

PT-2025-3682 · Ember · Ember Znet Stack

Name of the Vulnerable Software and Affected Versions: Ember ZNet stack affected versions not specified Description: A malformed packet can cause a buffer overflow in the APS layer of the Ember ZNet stack and lead to an assert. Recommendations: At the moment, there is no information about a newer...

SUSE CVE-2024-5695

If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox 127...

QEMU: net: triggerable assertion due to race condition in hot-unplug

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service...

UBUNTU-CVE-2023-3301

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service...

openSUSE Security Update : privoxy (openSUSE-2021-265)

This update for privoxy fixes the following issues : - Update to version 3.0.31 : - Security/Reliability boo1181650 - Prevent an assertion from getting triggered by a crafted CGI request. Commit 5bba5b89193fa. OVE-20210130-0001. CVE-2021-20217 Reported by: Joshua Rogers Opera - Fixed a memory lea...

ALSA-2020:0598 Important: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.16.1. Security Fixes: nodejs: HTTP request smuggling using malformed...

SUSE SLES11 Security Update : glibc (SUSE-SU-2018:0874-1)

This update for glibc fixes the following issues: Security issues fixed : - CVE-2017-12133: Avoid use-after-free read access in clntudpcall bsc1081556 Non security issue fixed : - Fix incorrect getaddrinfo assertion trigger bsc1076871 Note that Tenable Network Security has extracted the preceding...

SUSE-SU-2018:0874-1 Security update for glibc

This update for glibc fixes the following issues: Security issues fixed: - CVE-2017-12133: Avoid use-after-free read access in clntudpcall bsc1081556 Non security issue fixed: - Fix incorrect getaddrinfo assertion trigger bsc1076871...