Total
442 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-33096 | 2024-04-12 | N/A | 7.5 HIGH | ||
Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16. | |||||
CVE-2023-33095 | 2024-04-12 | N/A | 7.5 HIGH | ||
Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR. | |||||
CVE-2020-36420 | 1 Polipo Project | 1 Polipo | 2024-04-11 | 4.3 MEDIUM | 7.5 HIGH |
Polipo through 1.1.1, when NDEBUG is omitted, allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||
CVE-2019-25041 | 2 Debian, Nlnetlabs | 2 Debian Linux, Unbound | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | |||||
CVE-2019-25037 | 2 Debian, Nlnetlabs | 2 Debian Linux, Unbound | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | |||||
CVE-2019-25036 | 2 Debian, Nlnetlabs | 2 Debian Linux, Unbound | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | |||||
CVE-2018-7714 | 1 Opencv | 1 Opencv | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters. | |||||
CVE-2018-7713 | 1 Opencv | 1 Opencv | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.width <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters. | |||||
CVE-2018-7712 | 1 Opencv | 1 Opencv | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters. | |||||
CVE-2018-17231 | 1 Telegram | 1 Telegram Desktop | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack scenario does not cross a privilege boundary | |||||
CVE-2024-3567 | 2024-04-10 | N/A | 5.5 MEDIUM | ||
A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition. | |||||
CVE-2024-25445 | 1 Hugin Project | 1 Hugin | 2024-02-20 | N/A | 7.8 HIGH |
Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure. | |||||
CVE-2006-4574 | 1 Wireshark | 1 Wireshark | 2024-02-15 | 5.0 MEDIUM | 7.5 HIGH |
Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values. | |||||
CVE-2006-4095 | 3 Apple, Canonical, Isc | 4 Mac Os X, Mac Os X Server, Ubuntu Linux and 1 more | 2024-02-15 | 5.0 MEDIUM | 7.5 HIGH |
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. | |||||
CVE-2022-22901 | 1 Jerryscript | 1 Jerryscript | 2024-02-14 | 4.3 MEDIUM | 5.5 MEDIUM |
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9. | |||||
CVE-2006-6767 | 1 Time-travellers | 1 Oftpd | 2024-02-10 | 9.4 HIGH | 7.5 HIGH |
oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1) LPRT or (2) LPASV command with an unsupported address family, which triggers an assertion failure. | |||||
CVE-2006-6811 | 2 Canonical, Kde | 2 Ubuntu Linux, Ksirc | 2024-02-08 | 4.3 MEDIUM | 6.5 MEDIUM |
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow. | |||||
CVE-2006-5779 | 2 Canonical, Openldap | 2 Ubuntu Linux, Openldap | 2024-02-08 | 5.0 MEDIUM | 7.5 HIGH |
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure. | |||||
CVE-2023-2156 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-02-03 | N/A | 7.5 HIGH |
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system. | |||||
CVE-2023-40462 | 2 Debian, Sierrawireless | 9 Debian Linux, Aleos, Es450 and 6 more | 2024-02-02 | N/A | 7.5 HIGH |
The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable. |