PT-2026-50140

Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.22.0 Description An assert-based security check in the activation function loading process allows an unauthenticated attacker to achieve arbitrary code execution on the server. This occurs when vLLM is run in Python...

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability stems from the iApp registry using assert instead of gracefully rejecting forced node ID uniqueness. This could allow remote unauthenticated...

CVE-2026-23557 Xenstored DoS via XS_RESET_WATCHES command

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

The vulnerability of the `assert` function in the GNU C Library is related to incorrect calculations of the size of the buffer allocated. This vulnerability allows an attacker to compromise the accessibility of the protected information.

The vulnerability of the assert function in the GNU C Library is related to incorrect calculations of the size of the buffer allocated. Exploiting this vulnerability could allow a malicious actor to compromise the accessibility of protected information...

CVE-2024-42117

CVE-2024-42117 affects the Linux kernel DRM/AMD display path. The root cause was that find_disp_cfg_idx_by_plane_id and find_disp_cfg_idx_by_stream_id could return -1 and that value was used as an index, causing overrun/negative-return conditions. The fix is to return a valid positive index or ta...

The vulnerability of the DNS-server BIND daemon, which allows a hacker to cause a service failure.

The vulnerability of the DNS-server BIND daemon is related to the use of the assert function or similar operators. Exploiting this vulnerability allows a remote attacker to cause a service failure...

The vulnerability of the Gopher network protocol implementation in Squid proxy servers allows attackers to induce service failures.

The vulnerability of the Gopher network protocol implementation in Squid proxies relates to the use of the assert function or similar operators. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a specially crafted response to the proxy server...

UBUNTU-CVE-2021-1093

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of...

The vulnerability of microprogrammed software in HP PageWide and HP OfficeJet Pro printers stems from the use of an assert() or similar operator function, which allows a malicious actor to trigger a service failure.

The vulnerability of Microprogrammed Software in HP PageWide and HP OfficeJet Pro printers is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow attackers to trigger a service failure using a specially created file...