EUVD-2021-26756

Malware in sbrugna...

EUVD-2021-15558

Malware in sbrugna...

EUVD-2021-26757

Malware in sbrugna...

OESA-2025-2076 mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: A vulnerability classified as problematic has been found in Apache HTTP Server up to 2.4.63 Web Server.CWE is classifying the issue as CWE-617. The product contains an...

RHEL 8 : libyang (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libyang: NULL pointer dereference in readyinleaf CVE-2021-28906 - libyang: NULL pointer dereference via...

Debian dla-3579 : elfutils - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3579 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3579-1 [email protected] https://www.debian.org/lts/security/...

Amazon Linux 2 : elfutils (ALAS-2023-2259)

"The version of elfutils installed on the remote host is prior to 0.176-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2259 advisory. The libcpu component which is used by libasm of elfutils version 0.177 git 47780c9e, suffers from denial-of-service vulnerability...

Design/Logic Flaw

The libcpu component which is used by libasm of elfutils version 0.177 git 47780c9e, suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write CWE-787, off-by-one error CWE-193 and reachable assertion CWE-617; to exploit the vulnerability, the attackers...

CVE-2020-21047

The libcpu component which is used by libasm of elfutils version 0.177 git 47780c9e, suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write CWE-787, off-by-one error CWE-193 and reachable assertion CWE-617; to exploit the vulnerability, the attackers...

CVE-2020-21047

CVE-2020-21047 affects elfutils’ libcpu (used by libasm, elfutils 0.177, git 47780c9e). It enables a denial-of-service via an out-of-bounds write (CWE-787), off-by-one error (CWE-193), and reachable assertion (CWE-617). Exploitation requires crafting ELF files that bypass bound checks. The vulner...

SUSE CVE-2021-28905

In function lysnodefree in libyang module can't be NULL. But in some cases, node-module can be null, which triggers a reachable assertion CWE-617...

CVE-2021-3430

Assertion reachable with repeated LLCONNECTIONPARAMREQ. Zephyr versions = v1.14 contain Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr...

CVE-2021-3431

Assertion reachable with repeated LLFEATUREREQ. Zephyr versions = v2.5.0 contain Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9...

Design/Logic Flaw

Assertion reachable with repeated LLCONNECTIONPARAMREQ. Zephyr versions = v1.14 contain Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr...

CVE-2021-3431

CVE-2021-3431 concerns Zephyr RTOS. Affected: Zephyr versions >= 2.5.0 where repeated LL_FEATURE_REQ can trigger a Reachable Assertion (CWE-617). Documented impact across sources describes a denial of service risk arising from this assertion. Root cause identified as the repeated LL_FEATURE_RE...

CVE-2021-3431 BT: Assertion failure on repeated LL_FEATURE_REQ

Assertion reachable with repeated LLFEATUREREQ. Zephyr versions = v2.5.0 contain Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9...

CVE-2021-3430

CVE-2021-3430 affects Zephyr RTOS v1.14 and later, where an assertion can be reached via a repeated LL_CONNECTION_PARAM_REQ. The CVE describes a Reachable Assertion (CWE-617) that could enable a denial-of-service condition. Public documentation in NVD and CNVD notes this vulnerability and referen...

CVE-2021-3430 BT: Assertion failure on repeated LL_CONNECTION_PARAM_REQ

Assertion reachable with repeated LLCONNECTIONPARAMREQ. Zephyr versions = v1.14 contain Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr...

CVE-2021-3454

CVE-2021-3454 concerns Zephyr RTOS, where a truncated L2CAP K-frame causes an assertion failure. Multiple connected sources corroborate that Zephyr versions 2.4.0 and later are affected, due to improper handling of length parameter inconsistencies (CWE-130) and a reachable assertion (CWE-617). Av...

CVE-2021-3454 Truncated L2CAP K-frame causes assertion failure

Truncated L2CAP K-frame causes assertion failure. Zephyr versions = 2.4.0, = v.2.50 contain Improper Handling of Length Parameter Inconsistency CWE-130, Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3...