CVEbaza.plSłownik CWECWE-617
Common Weakness Enumeration

CWE-617

Reachable Assertion

Kategoria: BaseCVE: 872
Opis

Produkt zawiera instrukcję assert() lub podobną instrukcję, którą atakujący może wywołać, prowadząc do wyjścia aplikacji lub innego zachowania bardziej poważnego niż to konieczne. Ta luka umożliwia wznowienie ataku poprzez bezpośrednie wyzwolenie warunku asercji.

Description (EN)

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

Podatności CVE z CWE-617 (872)
10.0
CVSS
CRITICAL
CVE-2026-24826

W bibliotece graficznej turso3d (projekt cadaver) zidentyfikowano kilka krytycznych podatności związanych z zarządzaniem pamięcią i błędami arytmetycznymi, które wspólnie uzyskały ocenę CVSS 10.0. Ich obecność stwarza ryzyko przejęcia kontroli nad aplikacją lub jej destabilizacji.

pub. 2026-01-27
9.8
CVSS
CRITICAL
CVE-2020-3615

Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values used to check the frame subtype in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8009, APQ8053, APQ8096AU, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SC8180X, SDM630, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130

pub. 2020-06-02
9.8
CVSS
CRITICAL
CVE-2019-9795

A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

pub. 2019-04-26
9.2
CVSS
CRITICAL
CVE-2026-41584

Podatność w implementacji węzła Zcash o nazwie Zebra pozwala atakującemu zdalnie wywołać awarię (panic) procesu węzła poprzez przesłanie specjalnie spreparowanej transakcji Orchard. Jest to krytyczna podatność dostępności, ponieważ nie wymaga żadnego uwierzytelnienia ani interakcji użytkownika.

pub. 2026-05-08
8.8
CVSS
HIGH
CVE-2026-31739

In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - Add missing CRYPTO_ALG_ASYNC The tegra crypto driver failed to set the CRYPTO_ALG_ASYNC on its asynchronous algorithms, causing the crypto API to select them for users that request only synchronous algorithms. This causes crashes (at least). Fix this by adding the flag like what the other drivers do. Also remove the unnecessary CRYPTO_ALG_TYPE_* flags, since those just get ignored and overridden by the registration function anyway.

pub. 2026-05-01
8.8
CVSS
HIGH
CVE-2020-15670

Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 80, Firefox ESR < 78.2, Thunderbird < 78.2, and Firefox for Android < 80.

pub. 2020-10-01
8.8
CVSS
HIGH
CVE-2020-12417

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

pub. 2020-07-09
8.8
CVSS
HIGH
CVE-2020-6617

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int.

pub. 2020-01-08
8.8
CVSS
HIGH
CVE-2020-6619

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek.

pub. 2020-01-08
8.8
CVSS
HIGH
CVE-2020-6623

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index.

pub. 2020-01-08
8.7
CVSS
HIGH
CVE-2026-29116

A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service.

pub. 2026-06-10
8.7
CVSS
HIGH
CVE-2025-34458

wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprs_mic_e() located in src/decode_aprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or truncated comment field, the application triggers an unhandled assertion checking for a non-empty comment. This assertion failure causes immediate process termination, allowing a remote, unauthenticated attacker to cause a denial of service by sending malformed APRS traffic.

pub. 2025-12-22
8.7
CVSS
HIGH
CVE-2025-41067

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. An SBI request that deletes the NRF's own registry causes a check that ends up crashing the NRF process and renders the discovery service unavailable.

pub. 2025-10-27
8.7
CVSS
HIGH
CVE-2025-41068

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. This is achieved by sending the creation of an NF with an invalid type via SBI and then requesting its data. The NRF executes a check that crashes the process, leaving the discovery service unresponsive.

pub. 2025-10-27
8.6
CVSS
HIGH
CVE-2023-37015

Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `Path Switch Request` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.

pub. 2025-01-22
8.6
CVSS
HIGH
CVE-2023-37016

Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `UE Context Modification Response` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.

pub. 2025-01-22
8.6
CVSS
HIGH
CVE-2023-37017

Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `S1Setup Request` message missing a required `Global eNB ID` field to repeatedly crash the MME, resulting in denial of service.

pub. 2025-01-22
8.6
CVSS
HIGH
CVE-2023-37018

Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `UE Capability Info Indication` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.

pub. 2025-01-22
8.6
CVSS
HIGH
CVE-2023-37019

Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `S1Setup Request` message missing a required `Supported TAs` field to repeatedly crash the MME, resulting in denial of service.

pub. 2025-01-22
8.6
CVSS
HIGH
CVE-2023-37020

Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `UE Context Release Complete` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.

pub. 2025-01-22
Pokazano 20 z 872 podatności
Informacje
ID: CWE-617
Typ: Base
Podatności: 872
MITRE CWE ↗
← Słownik CWE
CWE-617 — Osiągalna Asercja | Słownik CWE | CVEbaza.pl