3783 matches found
glibc: glibc: Denial of Service via iconv() function with specific character sets
A flaw was found in glibc, the GNU C Library. A remote attacker could exploit this vulnerability by providing specially crafted inputs using the IBM1390 or IBM1399 character sets to the iconv function. This could lead to an assertion failure, causing the application to crash and resulting in a...
DEBIAN-CVE-2026-48852
PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...
CVE-2026-48852
PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...
CVE-2026-48852
PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...
UBUNTU-CVE-2026-48852
PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...
CVE-2026-48852
PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...
CVE-2026-48852
PuTTY 0.71 before 0.84 is affected by an assertion failure in ECDSA signature verification (CVE-2026-48852). The public data specifies affected version range and impact but provides no remediation details in the documents. The CVSS v3.1 vector yields a LOW overall impact (availability loss) with ...
CVE-2026-48852
PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...
CLSA-2026-1779579653 thunderbird: Fix of 4 CVEs
CVE-2024-0742: assertion failure in nsPresContext::UserInputEventsAllowed Document::SetIsInitialDocument sticky-bit - CVE-2025-2830: path traversal via malformed attachment filename in multipart message directory guard in MimePart.fetchAttachment + mimedrft.cpp - CVE-2025-3909: predictable...
PT-2026-43124
Name of the Vulnerable Software and Affected Versions PuTTY versions 0.71 through 0.83 Description An assertion failure occurs during the ECDSA Elliptic Curve Digital Signature Algorithm signature verification process...
ALPINE-CVE-2026-5946
Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...
CVE-2026-5946
Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...
CVE-2026-5946 Invalid handling of CLASS != IN
Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...
CVE-2026-5946
Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...
Astra Linux – Vulnerability in bind9
In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions of BIND 9 Supported Preview Edition such as 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1, as well as the release version 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the race condition between balance operations and cancel/pause requests. Syzbot reported a panic that looked like this: Assertion failed: fsinfo-exclusiveoperation == BTRFSEXCLOPBALANCEPAUSED, in fs/btrfs/ioctl.c:465...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: jbd2: The assertion “jh-bfrozendata == NULL” failed when the journal was aborted. The following process will fail the assertion “jh-bfrozendata == NULL” in jbd2journaldirtymetadata: jbd2journalcommitTransaction; unlinkdir/a; jh-b...
Astra Linux – Vulnerability in unbound
Unbound before version 1.9.5 allows assertion failures and denial of service in dnamepktcopy due to an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...
Astra Linux – Vulnerability in Redis
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command specifically, a SET command. NOTE: this issue was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have any safety guarantees related to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a race condition between the async reclaim worker and closectree Syzbot reported an assertion failure due to an attempt to add a delayed iput after setting BTRFSFSSTATENODELAYEDIPUT in the fsinfo state: WARNING:...