CWE-617

Reachable Assertion

Parent: CWE-705 - Incorrect Control Flow Scoping

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

748 vulnerabilities with CWE-617
CVE-2020-23313 HIGH
JerryScript 2.2.0 - Info Disclosure
CVSS 7.5
CVE-2020-23312 HIGH
JerryScript 2.2.0 - Info Disclosure
CVSS 7.5
CVE-2020-23311 HIGH
JerryScript 2.2.0 - Info Disclosure
CVSS 7.5
CVE-2020-23310 HIGH
JerryScript 2.2.0 - Info Disclosure
CVSS 7.5
CVE-2020-23309 HIGH
JerryScript 2.2.0 - Info Disclosure
CVSS 7.5
CVE-2020-23308 HIGH
JerryScript 2.2.0 - Info Disclosure
CVSS 7.5
CVE-2020-36382 HIGH
OpenVPN Access Server 2.7.3-2.8.7 - Denial of Service via Incorrect Authentication Token Data
CVSS 7.5
CVE-2020-25710 HIGH
OpenLDAP < 2.4.56 - Denial of Service via csnNormalize23() Assertion Failure
CVSS 7.5
CVE-2020-20214 MEDIUM
Mikrotik RouterOS 6.44.6 - Authenticated Denial of Service via Crafted Packet
CVSS 6.5
CVE-2020-25709 HIGH
OpenLDAP < 2.4.56 - Denial of Service via Assertion Failure
CVSS 7.5
CVE-2020-11274 HIGH
Qualcomm Firmware - Denial of Service via Invalid Configuration Assert
CVSS 7.5
CVE-2020-11218 HIGH
Qualcomm APQ8017 Firmware - Denial of Service via LTE betaOffset-RI-Index Configuration
CVSS 7.5
CVE-2020-11296 HIGH
Qualcomm APQ8009 Firmware - Reachable Assertion via NOA IE Processing
CVSS 7.5
CVE-2020-11280 HIGH
Qualcomm AQT1000 Firmware - Denial of Service via FTMR Frame Processing
CVSS 7.5
CVE-2020-11278 HIGH
Qualcomm AQT1000 Firmware - Denial of Service via Host WMI Command
CVSS 7.5
CVE-2020-36230 HIGH
OpenLDAP < 2.4.57 - Denial of Service via X.509 DN Parsing Assertion Failure
CVSS 7.5
CVE-2020-36222 HIGH
OpenLDAP < 2.4.57 - Denial of Service via SASL AuthzTo Validation
CVSS 7.5
CVE-2020-29562 MEDIUM
glibc 2.30-2.32 - Denial of Service via Iconv UCS4 Character Conversion
CVSS 4.8
CVE-2020-25723 LOW
QEMU < 5.1.1 - Denial of Service via USB EHCI DMA Memory Map Failure
CVSS 3.2
CVE-2020-27617 MEDIUM
QEMU 4.2.1 - Denial of Service via Invalid Layer 3 Protocol Packet
CVSS 6.5
CVE-2020-27638 HIGH
fastd < 21.0 - Denial of Service via Invalid Packet Type Code
CVSS 7.5
CVE-2020-1681 MEDIUM
Juniper Junos OS Evolved < 20.1R2-EVO - Denial of Service via Malformed NDP Packet
CVSS 6.5
CVE-2020-15670 HIGH
Firefox < 80 and Firefox ESR < 78.2 - Memory Corruption
CVSS 8.8
CVE-2020-15197 MEDIUM
TensorFlow 2.3.0 - Denial of Service via SparseCountSparseOutput Invalid Tensor Rank
CVSS 6.3
CVE-2020-15194 MEDIUM
TensorFlow < 1.15.4 - Denial of Service via SparseFillEmptyRowsGrad Shape Validation Bypass
CVSS 5.3
Details
Vulnerabilities 748
Links
MITRE CWE Entry Search this CWE With Exploits