514 matches found
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion in the checkType function. An attacker can cause the client to panic and terminate unexpectedly by providing invalid TUF metadata which is valid JSON. The vulnerable parsing happens before signature validation, so a...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion in the checkType function. An attacker can cause the client to panic and terminate unexpectedly by providing invalid TUF metadata which is valid JSON. The vulnerable parsing happens before signature validation, so a...
CVE-2025-15531
A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...
EUVD-2026-3136
A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...
CVE-2025-15531 Open5GS context.c sgwc_bearer_add assertion
A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...
CVE-2025-15531
A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...
SUSE-SU-2026:0143-1 Security update for avahi
This update for avahi fixes the following issues: - CVE-2025-68276: avahi: reachable assertion in avahiwideareascancache can lead to crash of avahi-daemon bsc1256498. - CVE-2025-68468: avahi: reachable assertion in lookupmulticastcallback can lead to crash of avahi-daemon bsc1256499. -...
CVE-2025-15530
A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwcs11handlecreateindirectdataforwardingtunnelrequest of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly...
PT-2026-3362
A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwc bearer add of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...
Avahi has a reachable assertion in lookup_start
...
Avahi has a reachable assertion in lookup_multicast_callback
...
Avahi has a reachable assertion in avahi_wide_area_scan_cache
...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion in the lookupmulticastcallback function. An attacker can cause a crash by sending unsolicited announcements containing CNAME resource records that point to resource records with short TTLs, which, upon expiration,...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion via the avahiwideareascancache process. An attacker can cause a crash of the daemon by sending crafted D-Bus requests that create record browsers with the AVAHILOOKUPUSEWIDEAREA flag set. Remediation A fix was pushed...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion in the lookupstart process. An attacker can cause a crash of the daemon by sending two unsolicited announcements containing CNAME resource records two seconds apart. Remediation A fix was pushed into the master branc...
CVE-2025-68468 Avahi has a reachable assertion in lookup_multicast_callback
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they...
ROS-20260112-7364
A vulnerability in the closureputaftersub function of the drivers/md/bcache/closure.c module of the Linux operating system kernel involves an uncontrolled reachable assertion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
PT-2025-53699
Name of the Vulnerable Software and Affected Versions Open5GS versions through 2.7.5 Description A flaw exists in Open5GS affecting the decode ipv6 header/ogs pfcp pdr rule find by packet function within the lib/pfcp/rule-match.c file of the PFCP Session Establishment Request Handler component...
UBUNTU-CVE-2025-34458
wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprsmice located in src/decodeaprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or...
EUVD-2025-204569
A vulnerability has been found in Open5GS up to 2.7.5. Affected is the function ogspfcppdrfindoradd/ogspfcpfarfindoradd/ogspfcpurrfindoradd/ogspfcpqerfindoradd in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to...