CVE-2022-38150

CVE-2022-38150 affects Varnish Cache 7.0.0–7.0.2 and 7.1.0. A crafted reason phrase in the backend response can cause the Varnish server to assert and automatically restart. The issue is mitigated by upgrading to Varnish 7.0.3 or 7.1.1, which include the fix. Several open-source advisories (openS...

The vulnerability of the Garbage Collector component in Firefox browsers allows a hacker to trigger a service failure.

The vulnerability of the Garbage Collector component in Firefox browsers is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

The vulnerability of the Gopher network protocol implementation in Squid proxy servers allows attackers to induce service failures.

The vulnerability of the Gopher network protocol implementation in Squid proxies relates to the use of the assert function or similar operators. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a specially crafted response to the proxy server...

CVE-2022-29228

A flaw was found in Envoy. The OAuth filter would try to invoke the remaining filters in the chain after emitting a local response, which triggers an ASSERT in newer versions and corrupts memory on earlier versions...

Design/Logic Flaw

Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter would try to invoke the remaining filters in the chain after emitting a local response, which triggers an ASSERT in newer versions and corrupts memory on earlier versions. continueDecoding shouldn’t eve...

The vulnerability of embedded software developed by Qualcomm, related to the use of the assert() function or similar operators, allows attackers to trigger a service failure.

The vulnerability of embedded software developed for Qualcomm chips lies in the use of the assert function or similar operators. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Polipo proxy server, related to the lack of use of the assert() function, allows a hacker to trigger a service failure.

The vulnerability of the Polipo proxy server is related to the lack of use of the assert function. Exploiting this vulnerability allows a remote attacker to cause a service failure...

The vulnerability of the BIND DNS server component, which allows a perpetrator to cause a service failure

The vulnerability of the BIND DNS server component is related to the lack of use of the assert function. Exploiting this vulnerability allows a remote attacker to cause service failures...

The vulnerability of the Exiv2 metadata management library, related to the lack of use of the assert() function, allows a attacker to cause a service failure.

The vulnerability of the Exiv2 metadata management library is related to the insufficient use of the assert function. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a specially created image file...

The vulnerability of the csnNormalize23() function in the LDAP OpenLDAP implementation, related to the insufficient use of the assert() function, allows a perpetrator to cause a service failure.

The vulnerability of the csnNormalize23 function in the LDAP OpenLDAP implementation is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures using a malicious package...

The vulnerability of the slapd server in the LDAP protocol OpenLDAP implementation, related to the lack of use of the assert() function, allows a attacker to cause a service failure.

The vulnerability of the slapd server in the LDAP OpenLDAP implementation is related to the insufficient use of the assert function. Exploiting this vulnerability allows a malicious actor to cause service failures using a malicious package...

CVE-2021-46054

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrowwasm::Rethrow...

The vulnerability of the open implementation of the OpenLDAP protocol, related to the lack of use of the assert() function, allows a violator to perform a denial-of-service attack.

The vulnerability of the open implementation of the OpenLDAP protocol is related to the lack of use of the assert function. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending a specially crafted package with a short timestamp...

PT-2021-8075 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the use of the get user pages unlocked call to handle mmap assert in the nitro enclaves component of the Linux kernel. After a specific commit, the call...

The vulnerability of the synth_cname() function on the Unbound DNS server, related to the underutilization of the assert() function, allows a attacker to cause a service failure.

The vulnerability of the synthcname function on the Unbound DNS server is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the dname_pkt_copy function in the DNS server Unbound, allowing a hacker to cause a service failure

The vulnerability of the dnamepktcopy function in the Unbound DNS server is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the dname_pkt_copy function in the DNS server Unbound, allowing a hacker to cause a service failure

The vulnerability of the dnamepktcopy function in the Unbound DNS server is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability in the software web interface of F-Secure Internet Gatekeeper allows a hacker to trigger a service failure.

The vulnerability of the F-Secure Internet Gatekeeper software’s web interface relates to the use of the assert function or similar operators when processing user name parameters. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a specially crafted HT...

Can't claim last part of airdrop

Handle gpersoon Vulnerability details Impact Suppose you are eligible for the last part of your airdrop or your entire airdrop if you haven't claimed anything yet. Then you call the function claim of AirdropDistribution.sol, which has the following statement: "assertairdropmsg.sender.amount -...

depositAndFix can be made to fail

Handle cmichel Vulnerability details There's a griefing attack where an attacker can make any user transaction for TempusController.depositAndFix fail. In depositAndFix, swapAmount many yield shares are swapped to principal where swapAmount is derived from the function arguments. A final...