Lucene search
+L

514 matches found

OSV
OSV
added 2026/05/11 12:30 a.m.5 views

CVE-2026-8257 WebAssembly Binaryen BrOn wasm-ir-builder.cpp makeBrOn assertion

A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in reachable assertion. The attack needs to be approached locally. The explo...

4.8CVSS5.2AI score0.00159EPSS
Exploits1References10
Talos
Talos
added 2026/04/27 12:0 a.m.17 views

OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability

Talos Vulnerability Report TALOS-2026-2381 OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability April 27, 2026 CVE Number CVE-2026-35058 SUMMARY A reachable assertion vulnerability exists in the TLS Crypt v2 Client Key Extraction functionality of OpenVPN 2.6.x and 2.8git. A...

7.5CVSS6.9AI score0.00815EPSS
Exploits0
Snyk
Snyk
added 2026/04/24 5:19 a.m.4 views

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion via the forEach mutation handler. An attacker can cause the cluster-wide background controller to crash into a persistent CrashLoopBackOff and disrupt all matching resource operations by creating a specially crafted...

8.3CVSS5.5AI score0.00369EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.2 views

FreeBSD : nghttp2 -- CWE-617: Reachable Assertion (c08273b5-30e5-11f1-b9f2-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c08273b5-30e5-11f1-b9f2-b42e991fc52e advisory. https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 reports: nghttp2 is an...

7.5CVSS5.9AI score0.00775EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/04 1:21 a.m.3 views

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion via the transportflagsfromdomain function. An attacker can cause a crash of the daemon by sending a D-Bus method call with conflicting publish flags. Remediation A fix was pushed into the master branch but not yet...

6.8CVSS5.8AI score0.00203EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2025-38285)

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN in getbpfrawtpregs syzkaller reported an issue: WARNING: CPU: 3 PID: 5971 at kernel/trace/bpftrace.c:1861 getbpfrawtpregs+0xa4/0x100 kernel/trace/bpftrace.c:1861 Modules linked in: CPU: 3 UID: 0 PID: 5971 Comm:...

5.5CVSS6AI score0.0017EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/18 8:49 p.m.6 views

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion due to missing internal state validation after the nghttp2sessionterminatesession or nghttp2sessionterminatesession2 APIs are called. An attacker can cause the application to terminate unexpectedly by sending a...

8.7CVSS5.9AI score0.00775EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2026/03/18 12:0 a.m.6 views

nghttp2 -- CWE-617: Reachable Assertion

https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 reports: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API nghttp2sessionterminatesessi...

7.5CVSS5.9AI score0.00775EPSS
Exploits0References1
Redos
Redos
added 2026/03/17 12:0 a.m.6 views

ROS-20260317-73-0034

A vulnerability in the populatefreespacetree function in the fs/btrfs/free-space-tree.c module of the btrfs file system of the Linux operating system kernel is associated with a reachable assertion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS5.8AI score0.00136EPSS
Exploits0
Snyk
Snyk
added 2026/03/06 10:54 p.m.4 views

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion in the qjs interpreter when executed with the -m option and a low memory limit. An attacker can trigger an out-of-memory condition followed by an assertion failure during runtime cleanup by providing crafted JavaScri...

7.5CVSS5.8AI score0.00284EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/06 8:57 p.m.6 views

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion via the gcdecrefchild function in the garbage collection process when executed with the -m option. An attacker can cause the application to abort and terminate unexpectedly by providing crafted JavaScript input that...

6.8CVSS5.8AI score0.00215EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/02 4:53 p.m.6 views

CVE-2025-47384 Reachable Assertion in FW

Transient DOS when MAC configures config id greater than supported maximum value...

6.5CVSS5.9AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/02 4:53 p.m.38 views

CVE-2025-47371 Reachable Assertion in Modem

Transient DOS when an LTE RLC packet with invalid TB is received by UE...

6.5CVSS0.00105EPSS
Exploits0References1
CVE
CVE
added 2026/03/02 4:53 p.m.21 views

CVE-2025-47371

The CVE describes a transient denial-of-service in a UE when an LTE RLC packet with an invalid TB is received by the modem. Root cause: an LTE RLC packet with an invalid TB triggers a fault in the modem’s processing. Impact is reported as transient DOS to the UE; no additional exploit details or ...

6.5CVSS5.9AI score0.00105EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/19 5:6 p.m.13 views

Security Bulletin: IBM Watson Machine Learning Accelerator for IBM Cloud Pak for Data is affected by multiple vulnerabilities.

Summary Multiple vulnerabilities were addressed in IBM Watson Machine Learning Accelerator for IBM Cloud Pak for Data. Follow the instructions in this document to address them. Vulnerability Details CVEID:CVE-2021-38291 DESCRIPTION: FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e16...

9.8CVSS6.6AI score0.02772EPSS
Exploits5Affected Software1
EUVD
EUVD
added 2026/02/16 3:30 a.m.10 views

EUVD-2026-6136

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...

7.5CVSS5.2AI score0.0052EPSS
Exploits1References7
NVD
NVD
added 2026/02/16 1:15 a.m.7 views

CVE-2026-2523

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...

7.5CVSS0.0052EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/02/16 12:2 a.m.6 views

CVE-2026-2523

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smfgnhandlecreatepdpcontextrequest of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit is now...

6.9CVSS5.2AI score0.0052EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2024-57924)

In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem encodefh method that may fail for various reasons. The legacy users of exportfsencodefh, namely, nfsd and...

5.5CVSS5.3AI score0.002EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2025-38701)

In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINEDATAFL lacks system.data xattr A syzbot fuzzed image triggered a BUGON in ext4updateinlinedata when an inode had the INLINEDATAFL flag set but was missing the system.data extended attribute. Since this...

5.5CVSS6.5AI score0.00165EPSS
Exploits0References2
Rows per page
Query Builder