EulerOS 2.0 SP11 : glibc (EulerOS-SA-2025-1655)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message stri...

EulerOS 2.0 SP13 : glibc (EulerOS-SA-2025-1632)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message stri...

EulerOS 2.0 SP13 : glibc (EulerOS-SA-2025-1615)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message stri...

BIT-MARIADB-MIN-2022-32082

MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table-getrefcount == 0 in dict0dict.cc...

BIT-MARIADB-MIN-2022-27448

There is an Assertion failure in MariaDB Server v10.9 and below via 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc...

CVE-2025-5520 Open5GS AMF/MME emm_state_authentication assertion

A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmmstateauthentication/emmstateauthentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possible to launch the attack remotely. The exploit has be...

CVE-2025-5520 Open5GS AMF/MME emm_state_authentication assertion

A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmmstateauthentication/emmstateauthentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possible to launch the attack remotely. The exploit has be...

CVE-2025-5501 Open5GS NGAP PathSwitchRequest Message ngap-handler.c ngap_handle_path_switch_request_transfer assertion

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaphandlepathswitchrequesttransfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable assertion...

SUSE CVE-2025-5455

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...

DEBIAN-CVE-2025-5455

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...

CVE-2025-5455

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...

UBUNTU-CVE-2025-5455

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...

Medium: glibc

Issue Overview: In iconvdata/iso-2022-jp-3.c in the GNU C Library aka glibc 2.34, remote attackers can force iconv to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv use cases. NOTE: the...

CVE-2024-45403

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, th...

CVE-2024-33255

Jerryscript commit cefd391 was discovered to contain an Assertion Failure via ECMASTRINGISREFEQUALSTOONE stringp in ecmafreestringlist...

CVE-2024-33263

QuickJS commit 3b45d15 was discovered to contain an Assertion Failure via JSFreeRuntimeJSRuntime at quickjs.c...

CVE-2024-50615

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

CVE-2024-34475

Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: gmmstateauthentication in amf/gmm-sm.c for != OGSERROR...

CVE-2024-24429

A reachable assertion in the nasepssendemmtoesm function of Open5GS = 2.6.4 allows attackers to cause a Denial of Service DoS via a crafted NGAP packet...

CVE-2024-24432

A reachable assertion in the ogskdfhashmme function of Open5GS = 2.6.4 allows attackers to cause a Denial of Service DoS via a crafted NAS packet...