Design/Logic Flaw

The EBMLIntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service assert fault via a crafted mkv file...

Design/Logic Flaw

The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service assert fault via a crafted mkv file...

CVE-2017-12801

The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service assert fault via a crafted mkv file...

CVE-2017-12782

The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service assert fault via a crafted mkv file...

CVE-2017-12783

The ReadDataFloat function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service assert fault via a crafted mkv file...

CVE-2017-12802

CVE-2017-12802 concerns the EBML_IntegerValue function in libebml2’s ebmlnumber.c. The vulnerability affects versions up to 2012-08-26 and allows remote attackers to cause a denial of service (assert fault) via a specially crafted MKV file. No exploit/vector details are provided in the connected ...

CVE-2017-12801

The CVE-2017-12801 issue affects libebml2 (UpdateDataSize in ebmlmaster.c) and is triggered by processing crafted MKV files. The vulnerability allows remote attackers to cause a denial-of-service, producing an assertion fault. Technical details from connected records show the flaw exists in libeb...

CVE-2017-12803

The CVE-2017-12803 issue affects mkclean 0.8.9, specifically the Node_ValidatePtr function in corec/corec/node/node.c. A crafted MKV file can trigger a remote denial of service (assert fault). Documents consistently describe the vulnerability without detailing a fixed version or patch availabilit...

CVE-2017-13673

An assert failure issue was found in the VGA display emulator built into the Quick emulator QEMU. It could occur while updating graphics display, due to miscalculating region for dirty bitmap snapshot in split screen mode. A privileged user/process inside guest could use this flaw to crash the QE...

UBUNTU-CVE-2017-12425

An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow. This causes the...

Varnish -- Denial of service vulnerability

phk reports: A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert...

CVE-2017-10688

In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tifdirwrite.c. A crafted input will lead to a remote denial of service attack...

Updated openvpn packages fix security vulnerability

It was discovered that OpenVPN improperly triggered an assert when receiving an oversized control packet in some situations. A remote attacker could use this to cause a denial of service server or client crash CVE-2017-7478. It was discovered that OpenVPN improperly triggered an assert when packe...

Design/Logic Flaw

In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c...

FreeBSD : OpenVPN -- two remote denial-of-service vulnerabilities (04cc7bd2-3686-11e7-aa64-080027ef73ec)

Samuli Seppanen reports : OpenVPN v2.4.0 was audited for security vulnerabilities independently by Quarkslabs funded by OSTIF and Cryptography Engineering funded by Private Internet Access between December 2016 and April 2017. The primary findings were two remote denial-of-service vulnerabilities...

Fedora 25 : 1:dovecot (2016-daf90926d4)

Fixed crash in auth process when auth-policy was configured and authentication was aborted/failed without a username set. - director: If two users had different tags but the same hash, the users may have been redirected to the wrong tag's hosts. - Index files may have been thought incorrectly...

CVE-2016-7785

The avireadseek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service assert fault via a crafted AVI file...

CVE-2016-8595

The gsmparse function in libavcodec/gsmparser.c in FFmpeg before 3.1.5 allows remote attackers to cause a denial of service assert fault via a crafted AVI file...

shopify-scripts: Incorrect code generation when result of NODE_NEGATE is not used

Introduction ============ Not using the result of NODENEGATE leads to incorrect code generation which could possibly result in arbitrary bytecode generation. Currently it is possible to produce a crash through a SIGABRT via an assert failure. Proof of concept ================ assertfailure.rb...

Denial Of Service (DoS)

mss is vulnerable to denial of service DoS. It uses an assert statement to check if the display is opened on a Linux system. Assert is usually used to test conditions that should have never happened and is to crash early in the case of a corrupt program state. Therefore, a malicious user can...