Lucene search
K

7041 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:8 a.m.5 views

CVE-2019-14382

DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs...

6.5CVSS6.8AI score0.0122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:55 a.m.8 views

CVE-2019-14383

J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs...

6.5CVSS6.8AI score0.01338EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:49 a.m.8 views

CVE-2018-12504

tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h...

7.5CVSS6.9AI score0.01584EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:27 a.m.9 views

CVE-2018-12459

An inconsistent bits-per-sample value in the ffmpeg4decodepictureheader function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service...

6.5CVSS6.7AI score0.01061EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2025/05/22 3:4 a.m.16 views

K000151474: GNU C Library vulnerability CVE-2025-0395

Security Advisory Description When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. CVE-2025-03...

6.2CVSS6.8AI score0.00349EPSS
Exploits0
NVD
NVD
added 2025/05/21 1:16 p.m.10 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS0.11727EPSS
Exploits1References3
OSV
OSV
added 2025/05/21 1:16 p.m.5 views

AZL-61972 CVE-2025-40775 affecting package bind for versions less than 9.20.9-1

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS5.8AI score0.11727EPSS
Exploits1References1
OSV
OSV
added 2025/05/21 1:16 p.m.2 views

DEBIAN-CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS8.1AI score0.11727EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/21 12:35 p.m.21 views

CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS0.11727EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/21 12:35 p.m.12 views

CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS6.9AI score0.11727EPSS
Exploits1References1
CVE
CVE
added 2025/05/21 12:35 p.m.183 views

CVE-2025-40775

CVE-2025-40775 affects ISC BIND 9, specifically versions 9.20.0–9.20.8 and 9.21.0–9.21.7. The root cause is an invalid value in the TSIG algorithm field in an incoming DNS message, which causes BIND to abort with an assertion failure. The impact is remote denial of service via crafted TSIGs. A fi...

7.5CVSS7.5AI score0.11727EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2025/05/21 12:35 p.m.22 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS7.6AI score0.11727EPSS
Exploits1
Debian CVE
Debian CVE
added 2025/05/21 12:35 p.m.21 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS8.1AI score0.11727EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2025/05/21 12:47 a.m.12 views

SUSE CVE-2025-37897

In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...

3.3CVSS7.6AI score0.0016EPSS
Exploits0References16
CNNVD
CNNVD
added 2025/05/21 12:0 a.m.3 views

ISC BIND 安全漏洞

ISC BIND is an ISC open source suite of open source software that implements the DNS protocol. A security vulnerability exists in ISC BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7, which stems from an invalid value in the TSIG algorithm field that could lead to an assertion...

7.5CVSS8AI score0.11727EPSS
Exploits1References2
ArchLinux
ArchLinux
added 2025/05/21 12:0 a.m.17 views

[ASA-202505-14] bind: denial of service

Arch Linux Security Advisory ASA-202505-14 ========================================== Severity: High Date : 2025-05-21 CVE-ID : CVE-2025-40775 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2881 Summary ======= The package bind before version 9.20.9...

7.5CVSS6.7AI score0.11727EPSS
Exploits1References4
OSV
OSV
added 2025/05/20 4:15 p.m.2 views

DEBIAN-CVE-2025-37897

In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...

5.5CVSS5.6AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2025/05/20 4:15 p.m.1 views

UBUNTU-CVE-2025-37897

In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...

5.5CVSS6.2AI score0.0016EPSS
Exploits0References30
Cvelist
Cvelist
added 2025/05/20 3:21 p.m.13 views

CVE-2025-37897 wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release

In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...

0.0016EPSS
Exploits0References5
CVE
CVE
added 2025/05/20 3:21 p.m.98 views

CVE-2025-37897

CVE-2025-37897 affects the Linux kernel wifi driver (plfxlc) where plfxlc_mac_release() asserts mac->lock, which is incorrect because mac->lock cannot be held when probe fails or the device is disconnected. The issue can trigger a kernel warning (warning trace shown in the advisory) and is ...

5.5CVSS6.4AI score0.0016EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder