7041 matches found
CVE-2025-54369
Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify...
CVE-2025-54369 Node-SAML SAML Authentication Bypass
Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify...
K000152700: BIND vulnerability CVE-2025-40775
Security Advisory Description When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20...
curl: Use after free (or assert triggered) with failed allocations in openssl
Summary: summary of the vulnerability A heap use after free or assertion can be triggered if some allocations fail I am not sure you consider allocations failures to be part of security issues, and I am not sure the issue lies in curl or in openssl, but I still think you want something to be fixe...
CVE-2025-34142
An XML External Entity XXE injection vulnerability exists in ETQ Reliance on the CG legacy platform within the /resources/sessions/sso endpoint. The SAML authentication handler processes XML input without disabling external entity resolution, allowing crafted SAML responses to invoke external...
PT-2025-34401
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc6-syzkaller-00002-g155a3c003e55 Description: The Linux kernel contained a flaw in the netfilter bpf Berkeley Packet Filter functionality. Specifically, the nf hook run bpf function did not disable...
The vulnerability of the Demon Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.
The vulnerability of the Demon Routing Protocol Daemon RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to the use of the assert function. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
Apache HTTP Server Denial of Service Vulnerability (CNVD-2025-16603)
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A denial of service vulnerability exists in Apache HTTP Server, which stems from a modproxyhttp2 assertion failure that can be...
CLSA-2025-1752749664 libreswan: Fix of CVE-2024-3652
CVE-2024-3652: fix assertion failure and crash caused by requesting AES-GMAC without specifying esp= line...
[slackware-security] bind
New bind packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.18.38-i586-1slack15.0.txz: Upgraded. Fix a possible assertion failure when using the 'stale-answer-client-timeout 0' option. For...
CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
DEBIAN-CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
CVE-2025-40777 A possible assertion failure when 'stale-answer-client-timeout' is set to '0'
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
CVE-2025-40777 A possible assertion failure when 'stale-answer-client-timeout' is set to '0'
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
CVE-2025-40777
Summary: CVE-2025-40777 affects ISC BIND 9 where a named caching resolver configured with serve-stale-enable=yes and stale-answer-client-timeout=0 can abort due to an assertion failure while resolving a CNAME chain. Affected versions include BIND 9.20.0–9.20.10, 9.21.0–9.21.9, and 9.20.9-S1–9.20....
ISC BIND 9 安全漏洞
ISC BIND 9 is a Domain Name System software from the ISC organization. A security vulnerability exists in ISC BIND 9 that stems from an assertion failure that could result in service suspension. The following versions are affected: versions 9.20.0 through 9.20.10, 9.21.0 through 9.21.9, and...
CVE-2025-7485
A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaprecvhandler/s1aprecvhandler/recvhandler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached...
CVE-2025-7485 Open5GS SCTP Partial Message recv_handler assertion
A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaprecvhandler/s1aprecvhandler/recvhandler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached...