AZL-35148 CVE-2024-27319 affecting package pytorch for versions less than 2.2.2-1

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNXASSERT and ONNXASSERTM functions have an off by one string copy...

PT-2024-21818 · Onnx · Onnx

Name of the Vulnerable Software and Affected Versions: onnx versions prior to 1.15.0 Description: The issue is related to an Out-of-bounds Read in the onnx package. This occurs because the ONNX ASSERT and ONNX ASSERTM functions have an off-by-one string copy. Recommendations: For versions prior t...

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Linux operating systems allow a perpetrator to trigger a service failure.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Linux operating systems is related to the use of the assert function. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Vulnerability of the btrfs_get_root_ref function (fs/btrfs/disk-io.c) in the Linux kernel, which allows a hacker to cause a service failure

The vulnerability of the btrfsgetrootref function fs/btrfs/disk-io.c in the Linux kernel is related to the insufficient use of the assert function. Exploiting this vulnerability can allow an attacker to cause a service failure...

ALPINE-CVE-2023-34323

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

Default credentials

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

CVE-2023-34323 xenstored: A transaction conflict can crash C Xenstored

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

CVE-2023-34323

CVE-2023-34323 affects the Xen stored component (C Xenstored). The issue arises when a transaction is committed: quota is checked, but some builds assume quota cannot be negative and use assert(), causing a crash if -DNDEBUG is not defined. Public details label the impact as local, with low privi...

CVE-2023-34323

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

The vulnerability of the TiXmlDeclaration::Parse() function in the TinyXML parser component, tinyxmlparser.cpp, allows a attacker to cause a service failure.

The vulnerability of the TiXmlDeclaration::Parse function in the TinyXML parser tinyxmlparser.cpp is related to the use of the assert operator when processing the character 0, which is located after a space. Exploiting this vulnerability may allow an attacker to cause a service failure remotely...

The vulnerability of embedded software developed by Qualcomm, related to deficiencies in the use of the assert() function, allows attackers to trigger a service failure.

The vulnerability of embedded software developed for Qualcomm chips lies in the improper implementation of the channel bandwidth division mechanism and the switching between subbands when performing Beam Switching. This occurs due to the use of the assert function. Exploiting this vulnerability c...

NULL Pointer Dereference

xen is vulnerable to NULL Pointer Dereference. The vulnerability is due to the incorrect assumption in C Xenstored that the quota cannot be negative. This leads to a crash when accounting temporarily goes negative, as assert checks fail when tools are built with default settings, which do not...

The vulnerability of the DNS BIND server, related to the lack of use of the assert() function, allows a hacker to trigger a service failure.

The vulnerability of the DNS BIND server is related to the lack of use of the assert function. Exploiting this vulnerability allows a remote attacker to cause service failures...

Buffer Overflow

libzephyr.so is vulnerable to Buffer Overflow. The vulnerability occurs due to a ineffective assert check within the STM32 Crypto Driver component which then leads to an application crash...

The vulnerability of embedded software developed by Qualcomm, related to the lack of use of the assert() function, allows a malicious actor to cause service failures.

The vulnerability of embedded software developed for Qualcomm chips lies in the lack of utilization of the assert function. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Xen: A transaction conflict can crash C Xenstored (XSA-440)

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

PT-2023-5953 · Qualcomm · Qualcomm Embedded Platform

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform affected versions not specified Description: The issue is related to a transient Denial of Service DOS in the modem when triggering a camping on a 5G cell. It is also associated with a software vulnerability in...

The vulnerability of the DoT protocol’s implementation in BIND DNS servers allows a attacker to induce a service failure.

The vulnerability of the DoT protocol DNS over TLS implementation in BIND DNS servers lies in the insufficient use of the assert function or similar operators when processing requests. Exploiting this vulnerability allows a malicious actor to cause service failures...

The vulnerability in the Object::getString component of the Poppler PDF rendering library allows a attacker to cause a service failure.

The vulnerability of the Object::getString component in the Poppler PDF rendering library is related to the insufficient use of the assert function. Exploiting this vulnerability may allow an attacker to cause a service failure...

The vulnerability of the PDFDoc::replacePageDict function (PDFDoc.cc) in the Poppler PDF rendering library allows a attacker to trigger a service failure.

The vulnerability of the PDFDoc::replacePageDict function in the Poppler PDF rendering library is related to the insufficient use of the assert function. Exploiting this vulnerability could allow an attacker to cause service failures...