CWE-617

Reachable Assertion

Parent: CWE-705 - Incorrect Control Flow Scoping

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

748 vulnerabilities with CWE-617
CVE-2023-44175 MEDIUM
Juniper Junos OS and Junos OS Evolved - Denial of Service via PIM Packet Processing in rpd
CVSS 6.5
CVE-2023-44386 MEDIUM
Vapor 4.83.2-4.84.2 - Denial of Service via HTTP1 Error Handler
CVSS 5.3
CVE-2023-24843 HIGH
Qualcomm 315 5G IoT Modem Firmware - Denial of Service via 5G Cell Camping
CVSS 7.5
CVE-2023-32820 HIGH
Yocto - Remote Denial of Service via Improper Input Handling
CVSS 7.5
CVE-2023-4236 HIGH
BIND 9 <9.18.18-9.18.18.S1 - Use After Free
CVSS 7.5
CVE-2023-3301 MEDIUM
QEMU < 8.0.3 - Denial of Service via Hot-Unplug Race Condition
CVSS 5.6
CVE-2023-21653 HIGH
Qualcomm Modem Firmware - Denial of Service via RRC Reconfiguration
CVSS 7.5
CVE-2023-21646 HIGH
Qualcomm Modem Firmware - Denial of Service via Invalid System Information Block 1
CVSS 7.5
CVE-2023-38976 HIGH
weaviate 1.20.0-1.20.5 - Denial of Service via handleUnbatchedGraphQLRequest
CVSS 7.5
CVE-2023-39949 HIGH
eprosima Fast DDS 2.6.0-2.6.4 - Reachable Assertion via Improper Sequence Number Validation
CVSS 7.5
CVE-2023-39534 HIGH
eprosima Fast DDS < 2.10.0, < 2.9.2, < 2.6.5 - Denial of Service via Malformed GAP Submessage
CVSS 7.5
CVE-2023-36840 MEDIUM
Juniper Networks Junos OS <19.3R3-S10, 20.1 - DoS
CVSS 5.5
CVE-2023-37836 MEDIUM
libjpeg < 1.66 - Denial of Service via BitMapHook::BitMapHook
CVSS 6.5
CVE-2023-34868 HIGH
Jerryscript 3.0 - Reachable Assertion in Parser For Statement Start
CVSS 7.5
CVE-2023-34867 HIGH
Jerryscript 3.0 - Reachable Assertion in ecma_property_hashmap_create
CVSS 7.5
CVE-2023-1428 HIGH
grpc 1.51.0-1.52.4 - Reachable Assertion via Malformed HTTP/2 Headers
CVSS 7.5
CVE-2023-33199 MEDIUM
Rekor < 1.2.0 - Denial of Service via Malformed Intoto Proposed Entry
CVSS 5.3
CVE-2023-23759 HIGH
Facebook Fizz < 2023.01.30.00 - Denial of Service via ClientHello Cipher Advertisement Change
CVSS 7.5
CVE-2023-31921 MEDIUM
Jerryscript 3.0 - Reachable Assertion in ecma_big_uint_div_mod
CVSS 5.5
CVE-2023-31920 MEDIUM
Jerryscript 3.0 - Reachable Assertion via vm_loop
CVSS 5.5
CVE-2023-31919 MEDIUM
Jerryscript 3.0 - Reachable Assertion via jcontext_raise_exception
CVSS 5.5
CVE-2023-31918 MEDIUM
Jerryscript 3.0 - Reachable Assertion in Parser Function Arguments
CVSS 5.5
CVE-2023-31916 MEDIUM
Jerryscript 3.0 - Reachable Assertion via jmem_heap_finalize
CVSS 5.5
CVE-2023-31913 MEDIUM
Jerryscript 3.0 - Reachable Assertion in Class Parser
CVSS 5.5
CVE-2023-2156 HIGH
Linux Kernel >=5.7 <5.10.184 - Unauthenticated Denial of Service via RPL Protocol Handling
CVSS 7.5
Details
Vulnerabilities 748
Links
MITRE CWE Entry Search this CWE With Exploits