CVE-2020-36382

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service...

CVE-2020-36382

OpenVPN Access Server versions 2.7.3 through 2.8.7 are affected by CVE-2020-36382. The issue is a failure during the user authentication phase where incorrect authentication token data can trigger an assert, leading to a denial of service. This vulnerability is documented by SUSE security advisor...

The vulnerability of the BIND DNS server component, related to the lack of use of the assert() function, allows a attacker to cause a service failure.

The vulnerability of the BIND DNS server component is related to the lack of use of the assert function. Exploiting this vulnerability allows a remote attacker to cause a service failure...

The vulnerability of the DNS BIND server, related to the lack of use of the assert() function, allows a hacker to trigger a service failure.

The vulnerability of the DNS BIND server is related to the lack of use of the assert function. Exploiting this vulnerability allows a malicious actor to cause a service failure through a specially crafted request...

The vulnerability of the libuv library for DNS-servers like Bind9, which allows a hacker to cause a service failure.

The vulnerability of the libuv library for DNS-servers like Bind9 is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...

openSUSE Security Update : qemu (openSUSE-2021-600)

This update for qemu fixes the following issues : - CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 - CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 - CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 - CVE-2020-25625: Fix...

Huawei EulerOS: Security Advisory for compat-openldap (EulerOS-SA-2021-1771)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:0582-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:1244-1 Security update for qemu

This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation CVE-2020-12829, bsc1172385 - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation CVE-2020-13362 bsc1172383 - Fix use-after-free in usb xhci packet handling CVE-2020-25723, bsc1178934 - Fix...

The vulnerability of the `dirvote_add_signatures_to_pending_consensus()` function in the Tor browser, related to the lack of use of the `assert()` function, allows a violator to trigger a service failure.

The vulnerability of the dirvoteaddsignaturestopendingconsensus function in the Tor browser is related to the lack of use of the assert function. Exploiting this vulnerability allows a malicious actor to trigger a service failure remotely...

The vulnerability of the Bind9 DNS server package lies in the lack of use of the assert() function, which allows a attacker to cause a service failure.

The vulnerability of the Bind9 DNS server package is related to the lack of use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...

OSV-2019-1 ASSERT: bufferRemainingSize() >= length.

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18431 Crash type: ASSERT Crash state: bufferRemainingSize = length. Envoy::Http::Http1::ConnectionImpl::copyToBuffer Envoy::Http::Http1::RequestStreamEncoderImpl::encodeHeaders...

The vulnerability of the `Internal::TiffReader::visitDirectory` function in the `tiffvisitor.cpp` file of the Exiv2 media metadata management library, related to the insufficient use of the `assert()` function, allows a malicious actor to cause service failures.

The vulnerability of the Internal::TiffReader::visitDirectory function in the tiffvisitor.cpp file of the Exiv2 media metadata management library is related to the insufficient use of the assert function. Exploiting this vulnerability could allow an attacker to cause service failures...

The vulnerability of the tsig.c component of the BIND DNS server allows a attacker to cause a service failure.

The vulnerability of the tsig.c component in the BIND DNS server is related to the insufficient use of the assert function. Exploiting this vulnerability allows a remote attacker to cause service failures...

The vulnerability of the `net_tx_pkt_add_raw_fragment` function in the `hw/net/net_tx_pkt.c` file of the QEMU hardware emulation software, related to the insufficient use of the `assert()` function, allows a hacker to trigger a system failure.

The vulnerability of the nettxpktaddrawfragment function in the hw/net/nettxpkt.c file of the QEMU hardware emulation software is related to the insufficient use of the assert function. Exploiting this vulnerability could allow an attacker to cause a system failure...

[SECURITY] Fedora 33 Update: php-wikimedia-assert-0.5.0-1.fc33

This package provides an alternative to PHP's assert that allows for a simple and reliable way to check preconditions and postconditions in PHP code. It was proposed as a MediaWiki RFC, but is completely generic and can be used by any PHP program or library...

Fedora 33 : mediawiki / php-oojs-oojs-ui / php-wikimedia-assert / etc (2020-a4802c53d9)

https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-Septembe r/000263.html The 1.34.x series is now end-of-life and the 1.35.x series is a LTS release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...

Fedora: Security Advisory for php-wikimedia-assert (FEDORA-2020-a4802c53d9)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES12 Security Update : libzypp (SUSE-SU-2020:0079-2)

This update for libzypp fixes the following issues : Security issue fixed : CVE-2019-18900: Fixed assert cookie file that was world readable bsc1158763. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted...

CVE-2018-4474

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure...