Total
430 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-3431 | 1 Zephyrproject | 1 Zephyr | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions >= v2.5.0 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9 | |||||
| CVE-2022-33024 | 1 Gnu | 1 Libredwg | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608. | |||||
| CVE-2021-30340 | 1 Qualcomm | 106 Ar8035, Ar8035 Firmware, Qca6390 and 103 more | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-31100 | 1 Pomsky-lang | 1 Pomsky | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| rulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, rulex may crash, possibly enabling a Denial of Service attack. This happens when the expression contains a multi-byte UTF-8 code point in a string literal or after a backslash, because rulex tries to slice into the code point and panics as a result. This is a security concern for you, if your service parses untrusted rulex expressions (expressions provided by an untrusted user), and your service becomes unavailable when the thread running rulex panics. The crashes are fixed in version **0.4.3**. Affected users are advised to update to this version. The only known workaround for this issue is to assume that regular expression parsing will panic and to add logic to catch panics. | |||||
| CVE-2021-45386 | 1 Broadcom | 1 Tcpreplay | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | |||||
| CVE-2022-31651 | 1 Sox Project | 1 Sox | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a. | |||||
| CVE-2022-33069 | 1 Soliditylang | 1 Solidity | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder::indexOrMemberAssignment() at SMTEncoder.cpp. | |||||
| CVE-2021-35101 | 1 Qualcomm | 48 Aqt1000, Aqt1000 Firmware, Qca6390 and 45 more | 2024-02-04 | 4.9 MEDIUM | 6.5 MEDIUM |
| Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile | |||||
| CVE-2022-27939 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. | |||||
| CVE-2022-0865 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. | |||||
| CVE-2022-27382 | 1 Mariadb | 1 Mariadb | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order. | |||||
| CVE-2021-30329 | 1 Qualcomm | 106 Ar8035, Ar8035 Firmware, Qca6390 and 103 more | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-0667 | 2 Isc, Netapp | 17 Bind, Baseboard Management Controller H300e, Baseboard Management Controller H300e Firmware and 14 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| When the vulnerability is triggered the BIND process will exit. BIND 9.18.0 | |||||
| CVE-2022-34000 | 1 Libjxl Project | 1 Libjxl | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc. | |||||
| CVE-2021-46511 | 1 Cesanta | 1 Mjs | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion `m->len >= sizeof(v)' failed at src/mjs_core.c in Cesanta MJS v2.20.0. | |||||
| CVE-2021-46339 | 1 Jerryscript | 1 Jerryscript | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_size)' failed at /base/ecma-helpers-string.c(ecma_new_ecma_string_from_utf8) in JerryScript 3.0.0. | |||||
| CVE-2021-46344 | 1 Jerryscript | 1 Jerryscript | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' failed at /jerry-core/parser/js/js-parser-expr.c in JerryScript 3.0.0. | |||||
| CVE-2021-46517 | 1 Cesanta | 1 Mjs | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion `mjs_stack_size(&mjs->scopes) > 0' failed at src/mjs_exec.c in Cesanta MJS v2.20.0. | |||||
| CVE-2021-46336 | 1 Jerryscript | 1 Jerryscript | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in JerryScript 3.0.0. | |||||
| CVE-2021-46340 | 1 Jerryscript | 1 Jerryscript | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion 'context_p->stack_top_uint8 == SCAN_STACK_TRY_STATEMENT || context_p->stack_top_uint8 == SCAN_STACK_CATCH_STATEMENT' failed at /parser/js/js-scanner.c(scanner_scan_statement_end) in JerryScript 3.0.0. | |||||