Total
609 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-23565 | 1 Google | 1 Tensorflow | 2024-11-21 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a `SavedModel` on disk such that `AttrDef`s of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-23564 | 1 Google | 1 Tensorflow | 2024-11-21 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-22901 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 5.5 Medium |
| There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9. | ||||
| CVE-2022-22892 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 5.5 Medium |
| There is an Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value)' failed at jerry-core/ecma/base/ecma-helpers-value.c in Jerryscripts 3.0.0. | ||||
| CVE-2022-22890 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 5.5 Medium |
| There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript 3.0.0. | ||||
| CVE-2022-22060 | 1 Qualcomm | 164 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 161 more | 2024-11-21 | 7.5 High |
| Assertion occurs while processing Reconfiguration message due to improper validation | ||||
| CVE-2022-20694 | 1 Cisco | 1 Ios Xe | 2024-11-21 | 6.8 Medium |
| A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device. Alternatively, the attacker could use man-in-the-middle techniques to impersonate the RPKI validator server and send a crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable. | ||||
| CVE-2022-1183 | 2 Isc, Netapp | 11 Bind, H300s, H300s Firmware and 8 more | 2024-11-21 | 7.5 High |
| On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch. | ||||
| CVE-2022-0865 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-11-21 | 5.5 Medium |
| Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. | ||||
| CVE-2022-0667 | 2 Isc, Netapp | 17 Bind, H300e, H300e Firmware and 14 more | 2024-11-21 | 7.5 High |
| When the vulnerability is triggered the BIND process will exit. BIND 9.18.0 | ||||
| CVE-2022-0635 | 2 Isc, Netapp | 17 Bind, H300e, H300e Firmware and 14 more | 2024-11-21 | 7.5 High |
| Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check. | ||||
| CVE-2021-46784 | 3 Debian, Redhat, Squid-cache | 5 Debian Linux, Enterprise Linux, Rhel E4s and 2 more | 2024-11-21 | 6.5 Medium |
| In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. | ||||
| CVE-2021-46666 | 2 Mariadb, Redhat | 4 Mariadb, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 5.5 Medium |
| MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause. | ||||
| CVE-2021-46517 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `mjs_stack_size(&mjs->scopes) > 0' failed at src/mjs_exec.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46515 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `mjs_stack_size(&mjs->scopes) >= scopes_len' failed at src/mjs_exec.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46514 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion 'ppos != NULL && mjs_is_number(*ppos)' failed at src/mjs_core.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46511 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `m->len >= sizeof(v)' failed at src/mjs_core.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46510 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `s < mjs->owned_strings.buf + mjs->owned_strings.len' failed at src/mjs_gc.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46508 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `i < parts_cnt' failed at src/mjs_bcode.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46506 | 1 Jsish | 1 Jsish | 2024-11-21 | 5.5 Medium |
| There is an Assertion 'v->d.lval != v' failed at src/jsiValue.c in Jsish v3.5.0. | ||||