CWE-617

Reachable Assertion

Parent: CWE-705 - Incorrect Control Flow Scoping

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

750 vulnerabilities with CWE-617
CVE-2020-15197 MEDIUM
TensorFlow 2.3.0 - Denial of Service via SparseCountSparseOutput Invalid Tensor Rank
CVSS 6.3
CVE-2020-15194 MEDIUM
TensorFlow < 1.15.4 - Denial of Service via SparseFillEmptyRowsGrad Shape Validation Bypass
CVSS 5.3
CVE-2020-6097 HIGH
atftp <0.7.git20120829-3.1+b1 - DoS
CVSS 7.5
CVE-2020-11135 HIGH
Qualcomm Snapdragon - Reachable Assertion in APE Clips Parser
CVSS 7.5
CVE-2020-13595 MEDIUM
Espressif ESP-IDF 4.0-4.2 - Denial of Service via BLE Packet MIC Failure
CVSS 6.5
CVE-2020-8623 HIGH
BIND 9.10.0-9.11.21, 9.12.0-9.16.5, 9.17.0-9.17.3 - Reachable Assertion via Crafted Query Packet
CVSS 7.5
CVE-2020-8622 MEDIUM
BIND 9.0.0-9.11.21, 9.12.0-9.16.5, 9.17.0-9.17.3 - Reachable Assertion via Truncated TSIG Response
CVSS 6.5
CVE-2020-8621 HIGH
BIND 9.14.0-9.16.5, 9.17.0-9.17.3 - DoS
CVSS 7.5
CVE-2020-8620 HIGH
BIND 9.15.6-9.16.5 and 9.17.0-9.17.3 - Reachable Assertion via TCP Connection
CVSS 7.5
CVE-2020-16092 LOW
QEMU < 5.0.0 - Denial of Service via Network Packet Processing Assertion Failure
CVSS 3.8
CVE-2020-12417 HIGH
Firefox < 78.0 - Memory Corruption via JavaScript ValueTag Confusion
CVSS 8.8
CVE-2020-8618 MEDIUM
BIND >=9.16.0 <9.16.3 - Denial of Service via Zone Transfer Assertion Failure
CVSS 4.9
CVE-2020-10761 MEDIUM
QEMU < 5.0.1 - Denial of Service via NBD Server Request Length Boundary
CVSS 5.0
CVE-2020-3645 HIGH
Qualcomm Snapdragon Firmware - Reachable Assertion via FILS IE Encrypted Data Length
CVSS 7.5
CVE-2020-3615 CRITICAL
Snapdragon Auto Snapdragon Compute Snapdragon Consumer Electronics ...
CVSS 9.8
CVE-2020-3958 MEDIUM
VMware Fusion 11.0.0-11.5.1 and Workstation 15.0.0-15.5.1 - Denial of Service via Shader Functionality
CVSS 5.5
CVE-2020-13649 HIGH
JerryScript 2.2.0 - Denial of Service via Out-of-Memory Error Handling
CVSS 7.5
CVE-2020-13622 HIGH
JerryScript 2.2.0 - Denial of Service via Proxy Object Property Key Query
CVSS 7.5
CVE-2020-8617 HIGH
BIND 9.0.0-9.11.17 - Denial of Service via TSIG Key Assertion Failure
CVSS 7.5
CVE-2020-3651 HIGH
Snapdragon Auto Snapdragon Compute Snapdragon Consumer Electronics ...
CVSS 7.5
CVE-2020-11653 HIGH
Varnish Cache 6.0.0-6.0.5, 6.1.0-6.2.2, 6.3.0-6.3.1 - Reachable Assertion via PROXY v2 TLS Termination
CVSS 7.5
CVE-2020-6623 HIGH
stb_truetype.h < 1.22 - Reachable Assertion in stbtt__cff_get_index
CVSS 8.8
CVE-2020-6619 HIGH
stb stb_truetype.h < 1.22 - Reachable Assertion in stbtt__buf_seek
CVSS 8.8
CVE-2020-6617 HIGH
stb_truetype.h < 1.22 - Reachable Assertion in stbtt__cff_int
CVSS 8.8
CVE-2019-25041 HIGH
Unbound < 1.9.5 - Reachable Assertion via Compressed Name in dname_pkt_copy
CVSS 7.5
Details
Vulnerabilities 750
Links
MITRE CWE Entry Search this CWE With Exploits