Total
455 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-36420 | 1 Polipo Project | 1 Polipo | 2024-06-26 | 7.5 High |
Polipo through 1.1.1, when NDEBUG is omitted, allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
CVE-2024-3567 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2024-06-11 | 5.5 Medium |
A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition. | ||||
CVE-2024-33601 | 2024-06-10 | N/A | ||
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. | ||||
CVE-2024-32475 | 2024-06-04 | 7.5 High | ||
Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when setting SNI for outbound TLS connection. The error can occur when Envoy attempts to use the `host`/`:authority` header value longer than 255 characters as SNI for outbound TLS connection. SNI length is limited to 255 characters per the standard. Envoy always expects this operation to succeed and abnormally aborts the process when it fails. This vulnerability is fixed in 1.30.1, 1.29.4, 1.28.3, and 1.27.5. | ||||
CVE-2024-3374 | 2024-06-04 | 5.3 Medium | ||
An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.16 and MongoDB Server v6.0 versions prior to and including 6.0.5. | ||||
CVE-2023-43529 | 2024-06-04 | 7.5 High | ||
Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received. | ||||
CVE-2023-24843 | 1 Qualcomm | 132 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 129 more | 2024-06-04 | 7.5 High |
Transient DOS in Modem while triggering a camping on an 5G cell. | ||||
CVE-2023-21653 | 1 Qualcomm | 20 Ar8035, Ar8035 Firmware, Qca8081 and 17 more | 2024-06-04 | 7.5 High |
Transient DOS in Modem while processing RRC reconfiguration message. | ||||
CVE-2023-21646 | 1 Qualcomm | 108 Ar8035, Ar8035 Firmware, Qca6390 and 105 more | 2024-06-04 | 7.5 High |
Transient DOS in Modem while processing invalid System Information Block 1. | ||||
CVE-2022-33250 | 1 Qualcomm | 130 Ar8035, Ar8035 Firmware, Qca6390 and 127 more | 2024-06-04 | 7.5 High |
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover. | ||||
CVE-2022-33244 | 1 Qualcomm | 78 Ar8035, Ar8035 Firmware, Qca6391 and 75 more | 2024-06-04 | 7.5 High |
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout | ||||
CVE-2022-33254 | 1 Qualcomm | 128 Aqt1000, Aqt1000 Firmware, Ar8035 and 125 more | 2024-06-04 | 7.5 High |
Transient DOS due to reachable assertion in Modem while processing SIB1 Message. | ||||
CVE-2022-40538 | 1 Qualcomm | 26 Ar8035, Ar8035 Firmware, Qca8081 and 23 more | 2024-06-04 | 7.5 High |
Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network. | ||||
CVE-2022-40527 | 1 Qualcomm | 198 Ar8035, Ar8035 Firmware, Csr8811 and 195 more | 2024-06-04 | 7.5 High |
Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM. | ||||
CVE-2019-25041 | 2 Debian, Nlnetlabs | 2 Debian Linux, Unbound | 2024-05-17 | 7.5 High |
Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | ||||
CVE-2019-25037 | 2 Debian, Nlnetlabs | 2 Debian Linux, Unbound | 2024-05-17 | 7.5 High |
Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | ||||
CVE-2019-25036 | 2 Debian, Nlnetlabs | 2 Debian Linux, Unbound | 2024-05-17 | 7.5 High |
Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | ||||
CVE-2018-7714 | 1 Opencv | 1 Opencv | 2024-05-17 | N/A |
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters. | ||||
CVE-2018-7713 | 1 Opencv | 1 Opencv | 2024-05-17 | N/A |
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.width <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters. | ||||
CVE-2018-7712 | 1 Opencv | 1 Opencv | 2024-05-17 | N/A |
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters. |