514 matches found
CVE-2026-8257 WebAssembly Binaryen BrOn wasm-ir-builder.cpp makeBrOn assertion
A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in reachable assertion. The attack needs to be approached locally. The explo...
OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability
Talos Vulnerability Report TALOS-2026-2381 OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability April 27, 2026 CVE Number CVE-2026-35058 SUMMARY A reachable assertion vulnerability exists in the TLS Crypt v2 Client Key Extraction functionality of OpenVPN 2.6.x and 2.8git. A...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion via the forEach mutation handler. An attacker can cause the cluster-wide background controller to crash into a persistent CrashLoopBackOff and disrupt all matching resource operations by creating a specially crafted...
FreeBSD : nghttp2 -- CWE-617: Reachable Assertion (c08273b5-30e5-11f1-b9f2-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c08273b5-30e5-11f1-b9f2-b42e991fc52e advisory. https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 reports: nghttp2 is an...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion via the transportflagsfromdomain function. An attacker can cause a crash of the daemon by sending a D-Bus method call with conflicting publish flags. Remediation A fix was pushed into the master branch but not yet...
Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2025-38285)
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN in getbpfrawtpregs syzkaller reported an issue: WARNING: CPU: 3 PID: 5971 at kernel/trace/bpftrace.c:1861 getbpfrawtpregs+0xa4/0x100 kernel/trace/bpftrace.c:1861 Modules linked in: CPU: 3 UID: 0 PID: 5971 Comm:...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion due to missing internal state validation after the nghttp2sessionterminatesession or nghttp2sessionterminatesession2 APIs are called. An attacker can cause the application to terminate unexpectedly by sending a...
nghttp2 -- CWE-617: Reachable Assertion
https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 reports: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API nghttp2sessionterminatesessi...
ROS-20260317-73-0034
A vulnerability in the populatefreespacetree function in the fs/btrfs/free-space-tree.c module of the btrfs file system of the Linux operating system kernel is associated with a reachable assertion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion in the qjs interpreter when executed with the -m option and a low memory limit. An attacker can trigger an out-of-memory condition followed by an assertion failure during runtime cleanup by providing crafted JavaScri...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion via the gcdecrefchild function in the garbage collection process when executed with the -m option. An attacker can cause the application to abort and terminate unexpectedly by providing crafted JavaScript input that...
CVE-2025-47384 Reachable Assertion in FW
Transient DOS when MAC configures config id greater than supported maximum value...
CVE-2025-47371 Reachable Assertion in Modem
Transient DOS when an LTE RLC packet with invalid TB is received by UE...
CVE-2025-47371
The CVE describes a transient denial-of-service in a UE when an LTE RLC packet with an invalid TB is received by the modem. Root cause: an LTE RLC packet with an invalid TB triggers a fault in the modem’s processing. Impact is reported as transient DOS to the UE; no additional exploit details or ...
Security Bulletin: IBM Watson Machine Learning Accelerator for IBM Cloud Pak for Data is affected by multiple vulnerabilities.
Summary Multiple vulnerabilities were addressed in IBM Watson Machine Learning Accelerator for IBM Cloud Pak for Data. Follow the instructions in this document to address them. Vulnerability Details CVEID:CVE-2021-38291 DESCRIPTION: FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e16...
EUVD-2026-6136
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...
CVE-2026-2523
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...
CVE-2026-2523
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...
Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2024-57924)
In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem encodefh method that may fail for various reasons. The legacy users of exportfsencodefh, namely, nfsd and...
Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2025-38701)
In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINEDATAFL lacks system.data xattr A syzbot fuzzed image triggered a BUGON in ext4updateinlinedata when an inode had the INLINEDATAFL flag set but was missing the system.data extended attribute. Since this...