Authentication flaw

The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a DNS query that triggers a response with unspecified attributes...

Server side request forgery (ssrf)

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service assertion failure via a crafted range request, related to state management...

CXF: Denial of Service (DoS) via invalid JAX-RS SAML tokens

The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service infinite loop via a crafted SAML token in the authorization header of a request to a JAX-RS service...

openSUSE: Security Advisory for lighttpd (openSUSE-SU-2014:0496-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

The 1 cf2initLocalRegionBuffer and 2 cf2initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service assertion failure, as demonstrated by a crafted ttf file...

CVE-2014-2241

CVE-2014-2241 affects FreeType up to 2.5.3. The cf2_initLocalRegionBuffer and cf2_initGlobalRegionBuffer functions do not properly verify that a subroutine exists, allowing an attacker to trigger a denial-of-service (assertion failure) via a crafted TrueType font. Connected advisories generally r...

Design/Logic Flaw

CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not properly validate IOKit API calls, which allows attackers to cause a denial of service assertion failure and device crash via a crafted app...

CVE-2014-1271

CVE-2014-1271 concerns CoreCapture in Apple iOS prior to 7.1 and Apple TV prior to 6.1. The vulnerability arises because CoreCapture does not properly validate IOKit API calls, which can allow a crafted app to trigger a denial of service via assertion failure and device crash. The issue centers o...

libtiff: assertion failure on downsampled OJPEG file

The OJPEGPostDecode function in tifojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF image, related to "downsampled OJPEG input."...

CVE-2010-4777

The Perlregnumberedbufffetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service assertion failure and application exit via crafted input that is not properly handled when using certain...

Code injection

The Perlregnumberedbufffetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service assertion failure and application exit via crafted input that is not properly handled when using certain...

CVE-2010-4777

The Perlregnumberedbufffetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service assertion failure and application exit via crafted input that is not properly handled when using certain...

CVE-2010-4777

The Perlregnumberedbufffetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service assertion failure and application exit via crafted input that is not properly handled when using certain...

CVE-2010-4777

The Perlregnumberedbufffetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service assertion failure and application exit via crafted input that is not properly handled when using certain...

CVE-2010-4777

Perl_reg_numbered_buff_fetch in Perl 5.10.0/5.12.0/5.14.0 (and other versions), when debugging is enabled, allows context‑dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input in certain regexes, evidenced by crashes of SpamAssassin and OCSInv...

CVE-2012-2249

Tor before 0.2.3.23-rc allows remote attackers to cause a denial of service assertion failure and daemon exit via a renegotiation attempt that occurs after the initiation of the V3 link protocol...

CVE-2012-2249

Tor before 0.2.3.23-rc allows remote attackers to cause a denial of service assertion failure and daemon exit via a renegotiation attempt that occurs after the initiation of the V3 link protocol...

Design/Logic Flaw

Tor before 0.2.3.24-rc allows remote attackers to cause a denial of service assertion failure and daemon exit by performing link protocol negotiation incorrectly...

CVE-2012-2249

Tor before 0.2.3.23-rc allows remote attackers to cause a denial of service assertion failure and daemon exit via a renegotiation attempt that occurs after the initiation of the V3 link protocol...

Information disclosure

Tor before 0.2.3.23-rc allows remote attackers to cause a denial of service assertion failure and daemon exit via a renegotiation attempt that occurs after the initiation of the V3 link protocol...