Total
457 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-33041 | 1 Qualcomm | 254 Ar8035, Ar8035 Firmware, Csr8811 and 251 more | 2024-04-12 | N/A | 7.5 HIGH |
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. | |||||
CVE-2023-33096 | 2024-04-12 | N/A | 7.5 HIGH | ||
Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16. | |||||
CVE-2023-33095 | 2024-04-12 | N/A | 7.5 HIGH | ||
Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR. | |||||
CVE-2023-40462 | 2 Debian, Sierrawireless | 9 Debian Linux, Aleos, Es450 and 6 more | 2024-02-28 | N/A | 7.5 HIGH |
The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable. | |||||
CVE-2023-34194 | 1 Tinyxml Project | 1 Tinyxml | 2024-02-28 | N/A | 7.5 HIGH |
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace. | |||||
CVE-2023-32845 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-02-28 | N/A | 7.5 HIGH |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860). | |||||
CVE-2023-49286 | 1 Squid-cache | 1 Squid | 2024-02-28 | N/A | 7.5 HIGH |
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
CVE-2023-32846 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-02-28 | N/A | 7.5 HIGH |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861). | |||||
CVE-2023-32843 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-02-28 | N/A | 7.5 HIGH |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849). | |||||
CVE-2023-32842 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-02-28 | N/A | 7.5 HIGH |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848). | |||||
CVE-2024-25445 | 1 Hugin Project | 1 Hugin | 2024-02-28 | N/A | 7.8 HIGH |
Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure. | |||||
CVE-2023-32841 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-02-28 | N/A | 7.5 HIGH |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846). | |||||
CVE-2023-32844 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-02-28 | N/A | 7.5 HIGH |
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850). | |||||
CVE-2023-4236 | 4 Debian, Fedoraproject, Isc and 1 more | 13 Debian Linux, Fedora, Bind and 10 more | 2024-02-28 | N/A | 7.5 HIGH |
A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1. | |||||
CVE-2023-38469 | 2 Avahi, Redhat | 2 Avahi, Enterprise Linux | 2024-02-28 | N/A | 5.5 MEDIUM |
A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. | |||||
CVE-2022-35205 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 5.5 MEDIUM |
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. | |||||
CVE-2023-37836 | 1 Jpeg | 1 Libjpeg | 2024-02-28 | N/A | 6.5 MEDIUM |
libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | |||||
CVE-2021-46179 | 1 Upx Project | 1 Upx | 2024-02-28 | N/A | 6.5 MEDIUM |
Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function. | |||||
CVE-2023-44175 | 1 Juniper | 2 Junos, Junos Os Evolved | 2024-02-28 | N/A | 7.5 HIGH |
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Note: This issue is not noticed when all the devices in the network are Juniper devices. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3. Junos OS Evolved: * All versions prior to 22.3R3-EVO; * 22.4-EVO versions prior to 22.4R3-EVO; * 23.2-EVO versions prior to 23.2R1-EVO. | |||||
CVE-2021-31294 | 1 Redis | 1 Redis | 2024-02-28 | N/A | 5.9 MEDIUM |
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command (specifically, a SET command). NOTE: this was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this. |