7041 matches found
CVE-2025-22919
A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service DoS via opening a crafted AAC file...
Astra Linux – Vulnerability in avahi
A vulnerability was discovered in Avahi. There exists a potentially exploitable assertion within the dbussethostname function...
Astra Linux – Vulnerability in bind9
Client queries that trigger the delivery of stale data and also require lookups in local authoritative zone data may result in assertion failures. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...
Azure Linux 3.0 Security Update: avahi (CVE-2023-38472)
The version of avahi installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-38472 advisory. - A vulnerability was found in Avahi. A reachable assertion exists in the avahirdataparse function...
Azure Linux 3.0 Security Update: kernel (CVE-2024-23850)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23850 advisory. - In btrfsgetrootref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failur...
Azure Linux 3.0 Security Update: bind (CVE-2023-5517)
The version of bind installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5517 advisory. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: -...
CVE-2021-35101
Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile...
CVE-2022-25689
Denial of service in Modem due to reachable assertion in Snapdragon Mobile...
CVE-2022-33272
Transient DOS in modem due to reachable assertion...
CVE-2022-33250
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover...
CVE-2022-33251
Transient DOS due to reachable assertion in Modem because of invalid network configuration...
CVE-2022-22060
Assertion occurs while processing Reconfiguration message due to improper validation...
CVE-2022-40508
Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported...
Security Bulletin: Vulnerability in GNU glibc affects IBM Integrated Analytics System [CVE-2024-33601]
Summary Redhat provided GNU glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-33601 Vulnerability Details CVEID:CVE-2024-33601 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a memory allocation failure...
CVE-2024-6351
A malformed packet can cause a buffer overflow in the NWK/APS layer of the Ember ZNet stack and lead to an assert...
Updated glibc packages fix security vulnerability
When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. CVE-2025-0395...
DFG JIT Use-After-Free
DFG's doesGC is incorrect about the HasIndexedProperty operation's behavior on StringObjects. This can lead to a use-after-free condition. See also https://bugs.chromium.org/p/project-zero/issues/detail?id=1699 for a similar issue. The DFG JIT compiler attempts to determine whether a DFG IR...
CVE-2025-0395
A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...
CVE-2023-37022
Open5GS MME versions = 2.6.4 contain a reachable assertion in the UE Context Release Request packet handler. A packet containing an invalid MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...
CVE-2023-37004
Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial Context Setup Response message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...