Lucene search
K

59 matches found

NVD
NVD
added 2026/06/25 2:16 p.m.4 views

CVE-2026-47145

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted...

7.1CVSS0.00249EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 1:35 p.m.22 views

CVE-2026-47146

CVE-2026-47146 affects EmberZNet v9.0.2 and earlier; malformed Color Control messages can trigger asserts that abort the process. Impact is limited to devices that have already joined the network and that support the Color Control cluster. The provided documents do not specify a patch version or ...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 1:35 p.m.5 views

EUVD-2026-39400

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2
Redos
Redos
added 2026/06/15 12:0 a.m.7 views

ROS-20260615-73-0035

The vulnerability of the rtsreadauthverifiernochecks function in the FreeRDP client is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...

6.5CVSS4.8AI score0.00271EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/04/22 7:47 p.m.6 views

CVE-2026-34066

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During histo...

5.3CVSS5.7AI score0.00242EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/17 9:11 p.m.11 views

CVE-2026-29013 libcoap Out-of-Bounds Read in OSCORE CBOR Unwrap Handling

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

8.8CVSS5.8AI score0.00296EPSS
Exploits0References1
CVE
CVE
added 2026/04/17 9:11 p.m.21 views

CVE-2026-29013

CVE-2026-29013 affects libcoap with out-of-bounds read vulnerabilities in OSCORE CBOR unwrap handling (get_byte_inc in src/oscore/oscore_cbor.c relies on assert for bounds, removed under NDEBUG). Attackers can send crafted CoAP messages during OSCORE negotiation to trigger reads beyond bounds, po...

9.8CVSS6AI score0.00296EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/04/17 9:11 p.m.11 views

CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

9.8CVSS5.8AI score0.00296EPSS
Exploits0
CVE
CVE
added 2026/03/05 6:21 a.m.28 views

CVE-2026-1678

CVE-2026-1678 affects Zephyr’s DNS name parser. The function dns_unpack_name() caches the buffer tailroom and reuses it when appending DNS labels; as the buffer grows, the cached size can become incorrect, allowing the final null terminator to be written past the buffer. With assertions disabled ...

9.8CVSS6AI score0.00376EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.8 views

PT-2026-22166

Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth payload as int and golioth payload as float helpers copy network-supplied payload data into fixed-size stack buffers using memcpy with a length derived...

6.3CVSS5.9AI score0.00297EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.6 views

PT-2026-3845

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2025.10.0 Description The software may experience crashes due to the frequent use of the assert function for error handling. This can lead to a denial of service, as the manager terminates all modules and exits upon...

7.4CVSS5.3AI score0.00156EPSS
Exploits0References2
OSV
OSV
added 2026/01/06 12:15 a.m.10 views

AZL-73506 CVE-2025-69227 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS5.9AI score0.00337EPSS
Exploits0References1
OSV
OSV
added 2026/01/06 12:15 a.m.7 views

UBUNTU-CVE-2025-69227

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS6.4AI score0.00337EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/01/05 11:19 p.m.5 views

CVE-2025-69227 AIOHTTP vulnerable to DoS when bypassing asserts

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS6.5AI score0.00337EPSS
Exploits0References2
OSV
OSV
added 2026/01/05 11:19 p.m.4 views

CVE-2025-69227 AIOHTTP vulnerable to DoS when bypassing asserts

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS6.8AI score0.00337EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/05 11:19 p.m.35 views

CVE-2025-69227 AIOHTTP vulnerable to DoS when bypassing asserts

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS0.00337EPSS
Exploits0References2
OSV
OSV
added 2026/01/05 11:10 p.m.7 views

GHSA-JJ3X-WXRX-4X23 AIOHTTP vulnerable to DoS when bypassing asserts

Summary When assert statements are bypassed, an infinite loop can occur, resulting in a DoS attack when processing a POST body. Impact If optimisations are enabled -O or PYTHONOPTIMIZE=1, and the application includes a handler that uses the Request.post method, then an attacker may be able to...

8.7CVSS7.2AI score0.00337EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-9775

Malware in sbrugna...

10CVSS9.5AI score0.00964EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-58038

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00867EPSS
Exploits1References4
NVD
NVD
added 2025/08/16 11:15 a.m.5 views

CVE-2025-38511

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Clear all LMTT pages on alloc Our LMEM buffer objects are not cleared by default on alloc and during VF provisioning we only setup LMTT PTEs for the actually provisioned LMEM range. But beyond that valid range we might...

5.5CVSS0.00135EPSS
Exploits0References3
Rows per page
Query Builder