CVE-2019-7697

An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service program crash, as demonstrated by mp42hls...

CVE-2019-7662

An assertion failure was discovered in wasm::WasmBinaryBuilder::getType in wasm-binary.cpp in Binaryen 1.38.22. This allows remote attackers to cause a denial of service failed assertion and crash via a crafted wasm file...

Authentication flaw

An assertion failure was discovered in wasm::WasmBinaryBuilder::getType in wasm-binary.cpp in Binaryen 1.38.22. This allows remote attackers to cause a denial of service failed assertion and crash via a crafted wasm file...

CVE-2019-7662

An assertion failure was discovered in wasm::WasmBinaryBuilder::getType in wasm-binary.cpp in Binaryen 1.38.22. This allows remote attackers to cause a denial of service failed assertion and crash via a crafted wasm file...

CVE-2019-7662

CVE-2019-7662 affects Binaryen 1.38.22, where an assertion failure in wasm-binary.cpp::WasmBinaryBuilder::getType() can be triggered by a crafted wasm file, leading to remote denial of service through a crash. The available connected documents confirm the root cause and impact (DoS via crafted wa...

CVE-2019-7662

An assertion failure was discovered in wasm::WasmBinaryBuilder::getType in wasm-binary.cpp in Binaryen 1.38.22. This allows remote attackers to cause a denial of service failed assertion and crash via a crafted wasm file...

RHEL 7 : bind (RHSA-2019:0194)

"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0194 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C Tenable...

Scientific Linux Security Update : bind on SL7.x x86_64 (20190129)

Security Fixes : - bind: Crash from assertion error when debug log level is 10 and log entries meet buffer boundary CVE-2018-5742 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid121455; scriptversion"1.5";...

bind: Crash from assertion error when debug log level is 10 and log entries meet buffer boundary

While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 - bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also ...

SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2019:0111-1)

This update for krb5 fixes the following issues : Security issue fixed : CVE-2018-20217: Fixed an assertion issue with older encryption types bsc1120489 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted...

SUSE-SU-2019:0113-1 Security update for krb5

This update for krb5 fixes the following issues: Security issue fixed: - CVE-2018-20217: Fixed an assertion issue with older encryption types bsc1120489...

Denial Of Service (DoS)

libbind9.so is vulnerable to denial of service. The deny-answer-aliases feature which is used to protect end users against DNS rebinding attacks is affected by an assertion failure in name.c, which would allow a remote attacker to crash the process...

Denial Of Service (DoS)

libbind9.so is vulnerable to denial of service. An assertion failure occurs when a response, with records in an unusual order, is processed. This is due to a mistaken assumption on the ordering of CNAME or DNAME resource records, which would cause named to exit with the assertion failure...

Security update for krb5 (important)

openSUSE Security Update: Security update for krb5 Announcement ID: openSUSE-SU-2019:0063-1 Rating: important References: 1120489 Cross-References: CVE-2018-20217 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for krb5 fixes...

DEBIAN-CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, ...

ALPINE-CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, ...

CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, ...

CVE-2018-5737

A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause...

Design/Logic Flaw

An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable...

CVE-2016-9778

An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met...