724 matches found
CVE-2020-3645
Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
Code injection
Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
CVE-2020-3645
CVE-2020-3645 affects Qualcomm/Qualcomm-based WLAN firmware used across Snapdragon Compute, Connectivity, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, Mobile, and related SoCs (e.g., IPQ6018, IPQ8074, Kamorta, Nicobar, QCA63xx, QCN7xxx, SC7xxx, SDM8xx, SXR1x0, etc.). The vulne...
CVE-2020-3645
Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
Denial Of Service (DoS)
Eclipse Mosquitto is vulnerable to denial of service DoS. It is possible when a message is published to Mosquitto that has a topic starting with $, but that is not $SYS, e.g. $test/test, leading to an unreachable assert and quiting the Mosquitto...
The vulnerability of microprogrammed software in HP PageWide and HP OfficeJet Pro printers stems from the use of an assert() or similar operator function, which allows a malicious actor to trigger a service failure.
The vulnerability of Microprogrammed Software in HP PageWide and HP OfficeJet Pro printers is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow attackers to trigger a service failure using a specially created file...
The vulnerability of microprogrammed software in HP PageWide and HP OfficeJet Pro printers arises from the use of an operator like “assert()”, which allows a malicious actor to trigger a service failure or gain unauthorized access to protected information.
The vulnerability of Microprogrammed Software in HP PageWide and HP OfficeJet Pro printers is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow attackers to cause malfunctions during maintenance or gain unauthorized access to protected...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2019-1405)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2019-13465
An issue was discovered in the ROS communications-related packages aka roscomm or ros-melodic-ros-comm through 1.14.3. ROSASSERTMSG only works when ROSASSERTENABLED is defined. This leads to a problem in the remove function in clients/roscpp/src/libros/spinner.cpp. When ROSASSERTENABLED is not...
CVE-2019-18844
The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pcicore.h instead of other mechanisms for propagating error information or diagnostic information, which might allow attackers to cause a denial of service assertion failu...
CVE-2019-6471
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 - 9.11.7, 9.12.0 - 9.12.4-P1, 9.14.0 - 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of...
openSUSE Security Update : bind (openSUSE-2019-2265)
This update for bind fixes the following issues : Security issue fixed : - CVE-2019-6471: Fixed a reachable assert in dispatch.c. bsc1138687 Non-security issue fixed : - bind will no longer rely on /etc/insserv.conf bsc1118367, bsc1118368 This update was imported from the SUSE:SLE-15:Update updat...
CVE-2019-2174
In SensorManager::assertStateLocked of SensorManager.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Debian: Security Advisory (DSA-4514-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4514-1 : varnish - security update
Alf-Andre Walla discovered a remotely triggerable assert in the Varnish web accelerator; sending a malformed HTTP request could result in denial of service. The oldstable distribution stretch is not affected. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
DEBIAN-CVE-2019-15892
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Servic...
UBUNTU-CVE-2019-15892
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Servic...
CVE-2019-15892
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Servic...
CVE-2019-15892
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Servic...
NewStart CGSL MAIN 4.05 : bind Vulnerability (NS-SA-2019-0130)
The remote NewStart CGSL host, running version MAIN 4.05, has bind packages installed that are affected by a vulnerability: - A denial of service flaw was discovered in bind versions that include the deny-answer-aliases feature. This flaw may allow a remote attacker to trigger an INSIST assert in...