Total
547 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-22919 | 2025-02-19 | N/A | 6.5 MEDIUM | ||
| A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file. | |||||
| CVE-2023-40462 | 2 Debian, Sierrawireless | 9 Debian Linux, Aleos, Es450 and 6 more | 2025-02-13 | N/A | 7.5 HIGH |
| The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable. | |||||
| CVE-2023-29935 | 1 Llvm | 1 Llvm | 2025-01-29 | N/A | 5.5 MEDIUM |
| llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced. | |||||
| CVE-2023-37029 | 1 Linuxfoundation | 1 Magma | 2025-01-27 | N/A | 7.5 HIGH |
| Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) are susceptible to an assertion-based crash when an oversized NAS packet is received. An attacker may leverage this behavior to repeatedly crash the MME via either a compromised base station or via an unauthenticated cellphone within range of a base station managed by the MME, causing a denial of service. | |||||
| CVE-2023-31919 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c. | |||||
| CVE-2023-31918 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c. | |||||
| CVE-2023-31913 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c. | |||||
| CVE-2024-24427 | 1 Open5gs | 1 Open5gs | 2025-01-24 | N/A | 7.5 HIGH |
| A reachable assertion in the amf_ue_set_suci function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. | |||||
| CVE-2024-24428 | 1 Open5gs | 1 Open5gs | 2025-01-24 | N/A | 7.5 HIGH |
| A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet. | |||||
| CVE-2023-31916 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c. | |||||
| CVE-2023-31921 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c. | |||||
| CVE-2023-31920 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c. | |||||
| CVE-2023-37024 | 2025-01-23 | N/A | 7.5 HIGH | ||
| A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an `Emergency Number List` Information Element. | |||||
| CVE-2023-23759 | 1 Facebook | 1 Fizz | 2025-01-21 | N/A | 7.5 HIGH |
| There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impact is limited to denial of service). | |||||
| CVE-2023-43529 | 1 Qualcomm | 322 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 319 more | 2025-01-15 | N/A | 7.5 HIGH |
| Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received. | |||||
| CVE-2023-33096 | 1 Qualcomm | 204 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 201 more | 2025-01-10 | N/A | 7.5 HIGH |
| Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16. | |||||
| CVE-2023-33095 | 1 Qualcomm | 204 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 201 more | 2025-01-10 | N/A | 7.5 HIGH |
| Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR. | |||||
| CVE-2024-56783 | 1 Linux | 1 Linux Kernel | 2025-01-09 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove unnecessary WARN_ON_ONCE which is reachable from userspace. | |||||
| CVE-2023-34867 | 1 Jerryscript | 1 Jerryscript | 2025-01-03 | N/A | 7.5 HIGH |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c. | |||||
| CVE-2023-34868 | 1 Jerryscript | 1 Jerryscript | 2025-01-02 | N/A | 7.5 HIGH |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c. | |||||