CWE-617

Reachable Assertion

Parent: CWE-705 - Incorrect Control Flow Scoping

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

750 vulnerabilities with CWE-617
CVE-2019-25037 HIGH
Unbound < 1.9.5 - Denial of Service via Invalid Packet in dname_pkt_copy
CVSS 7.5
CVE-2019-25036 HIGH
Unbound < 1.9.5 - Denial of Service via Reachable Assertion in synth_cname
CVSS 7.5
CVE-2019-14851 MEDIUM
nbdkit 1.12.7, 1.14.1, 1.15.1 - Denial of Service via Assertion Failure
CVSS 6.5
CVE-2019-14022 HIGH
Qualcomm Snapdragon Firmware - Reachable Assertion via IPv6 Header Length Check Bypass
CVSS 7.5
CVE-2019-14049 HIGH
ION System Allocation - Memory Corruption
CVSS 7.8
CVE-2019-20056 MEDIUM
stb_image.h 2.23 - Reachable Assertion in stbi__shiftsigned
CVSS 6.5
CVE-2019-18844 HIGH
ACRN < 2019w25.5-140000p - Denial of Service via Assertion Failure in PCI Core
CVSS 7.5
CVE-2019-6476 MEDIUM
BIND 9.14.0-9.14.6 and 9.15.0-9.15.4 - Reachable Assertion via QNAME Minimization Forwarder Referral
CVSS 5.9
CVE-2019-6473 MEDIUM
Kea 1.4.0-1.5.0 - Denial of Service via Invalid Hostname Option
CVSS 6.5
CVE-2019-6472 MEDIUM
Kea 1.4.0-1.5.0 - Denial of Service via Malformed DUID Packet
CVSS 6.5
CVE-2019-6471 MEDIUM
BIND 9.11.0-9.11.7, 9.12.0-9.12.4-P1, 9.14.0-9.14.2 - Denial of Service via Race Condition in Dispatch
CVSS 5.9
CVE-2019-6469 HIGH
BIND 9.10.5-S1-9.11.6-S1 - Reachable Assertion via Malformed RRSIGs in EDNS Client Subnet Feature
CVSS 7.5
CVE-2019-6468 HIGH
BIND Supported Preview Edition 9.10.5-S1-9.11.5-S5 - Reachable Assertion via nxdomain-redirect with ECS
CVSS 7.5
CVE-2019-6467 HIGH
BIND 9.12.0-9.12.4 and 9.14.0 - Reachable Assertion in NXDOMAIN Redirect Feature
CVSS 7.5
CVE-2019-9455 LOW
Android - Kernel Pointer Leak via Video Driver WARN_ON Statement
CVSS 2.3
CVE-2019-15892 HIGH
Varnish Cache <6.0.4 LTS, 6.1.x, 6.2.x - DoS
CVSS 7.5
CVE-2019-15758 MEDIUM
Binaryen < 89 - Denial of Service via Crafted Input in asmangle
CVSS 6.5
CVE-2019-10055 HIGH
Suricata 4.1.3 - Denial of Service via FTP PASV Response Length Mismatch
CVSS 7.5
CVE-2019-13223 MEDIUM
stb_vorbis < 2019-03-04 - Denial of Service via Crafted Ogg Vorbis File
CVSS 5.5
CVE-2019-5020 MEDIUM
Yara 3.8.1 - Denial of Service via Malicious Binary File
CVSS 5.5
CVE-2019-14383 MEDIUM
J2B libopenmpt <0.4.2 - Info Disclosure
CVSS 6.5
CVE-2019-14382 MEDIUM
libopenmpt <0.4.2 - Info Disclosure
CVSS 6.5
CVE-2019-1010173 HIGH
jsish 2.4.84 - Denial of Service via Jsi_ValueArrayIndex Assertion
CVSS 7.5
CVE-2019-13113 MEDIUM
exiv2 <= 0.27.1 - Denial of Service via Invalid CRW Image Data Location
CVSS 6.5
CVE-2019-12312 HIGH
libreswan < 3.28 - Denial of Service via IKEv2 INFORMATIONAL Exchange
CVSS 7.5