Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion in the lookupstart process. An attacker can cause a crash of the daemon by sending two unsolicited announcements containing CNAME resource records two seconds apart. Remediation A fix was pushed into the master branc...

CVE-2025-68471 Avahi has a reachable assertion in lookup_start

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart...

CVE-2025-68468 Avahi has a reachable assertion in lookup_multicast_callback

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they...

ROS-20260112-7364

A vulnerability in the closureputaftersub function of the drivers/md/bcache/closure.c module of the Linux operating system kernel involves an uncontrolled reachable assertion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Avahi security vulnerability

Avahi is a set of open-source local service discovery tools for Linux. Avahi has a security vulnerability, which stems from an assertion error in the lookuphandlecname function, potentially leading to denial-of-service attacks...

CVE-2023-31918

Jerryscript 3.0 commit 1a2c047 was discovered to contain an Assertion Failure via the parserparsefunctionarguments at jerry-core/parser/js/js-parser.c...

CVE-2023-31919

Jerryscript 3.0 commit 05dbbd1 was discovered to contain an Assertion Failure via the jcontextraiseexception at jerry-core/jcontext/jcontext.c...

CVE-2023-31920

Jerryscript 3.0 commit 05dbbd1 was discovered to contain an Assertion Failure via the vmloop at jerry-core/vm/vm.c...

CVE-2018-12687

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...

CVE-2022-33024

There is an Assertion int decodepreR13entitiesBITCODERL, BITCODERL, unsigned int, BITCODERL, BITCODERL, BitChain , DwgData ' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608...

CVE-2022-31620

In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan...

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

CVE-2020-12676

FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack"...

CVE-2024-34034

An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...

CVE-2022-23565

Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

CVE-2022-23572

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the DCHECK function however, DCHECK is a no-op in production builds and an assertion failure in debug builds. In the first cas...

CVE-2023-29129

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.3 = V1.16.4 = V2.3.0 = V2.2.0 = V3.3.1 = V3.1.9 = V3.3.0 = V3.1.8 = V3.3.1 = V3.3.0 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow...

CVE-2023-50176

A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link...

CVE-2022-33244

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout...

EUVD-2026-0980

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.14.0, an open redirect vulnerability exists in the Directus SAML authentication callback endpoint. During SAML authentication, the RelayState parameter is intended to preserve the user's original...