CWE-617

Reachable Assertion

Parent: CWE-705 - Incorrect Control Flow Scoping

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

750 vulnerabilities with CWE-617
CVE-2017-9499 MEDIUM
ImageMagick 7.0.5-7 - Denial of Service via Crafted File
CVSS 6.5
CVE-2017-8915 HIGH
SAP HANA XS 1.00 and 2.00 - Denial of Service via Package Filename with Special Characters
CVSS 7.5
CVE-2017-9142 MEDIUM
ImageMagick <7.0.5-7 - Buffer Overflow
CVSS 6.5
CVE-2017-9141 MEDIUM
ImageMagick <7.0.5-7 - Buffer Overflow
CVSS 6.5
CVE-2017-7479 MEDIUM
OpenVPN < 2.3.15 and < 2.4.2 - Authenticated Denial of Service via Packet-ID Counter Rollover
CVSS 6.5
CVE-2017-7478 HIGH
OpenVPN 2.3.12-2.3.14 - Unauthenticated Denial of Service via Large Control Packet
CVSS 7.5
CVE-2017-8372 MEDIUM
Underbit MAD libmad 0.15.1b - Denial of Service via Crafted Audio File
CVSS 4.7
CVE-2017-7605 HIGH
libaacplus 2.0.2 - Reachable Assertion in aacplusenc.c
CVSS 7.8
CVE-2017-5981 MEDIUM
zziplib 0.13.62 - Denial of Service via Crafted ZIP File
CVSS 5.5
CVE-2017-5986 MEDIUM
Linux Kernel < 4.9.11 - Denial of Service via SCTP Association Peeling Race Condition
CVSS 5.5
CVE-2016-9399 HIGH
JasPer - Reachable Assertion in calcstepsizes Function
CVSS 7.5
CVE-2016-9398 HIGH
JasPer < 1.900.17 - Denial of Service via jpc_floorlog2 Assertion Failure
CVSS 7.5
CVE-2016-9397 HIGH
JasPer 1.900.13 - Denial of Service via jpc_dequantize Assertion Failure
CVSS 7.5
CVE-2016-9388 MEDIUM
JasPer < 1.900.14 - Denial of Service via Crafted Image File
CVSS 5.5
CVE-2016-8864 HIGH
ISC BIND <9.9.9-P4, 9.10.x <9.10.4-P4, 9.11.x <9.11.0-P1 - DoS
CVSS 7.5
CVE-2015-8012 HIGH
lldpd < 0.8.0 - Denial of Service via Malformed Packet
CVSS 7.5
CVE-2015-8745 MEDIUM
QEMU < 2.4.1 - Denial of Service via VMXNET3 IMR Read
CVSS 5.5
CVE-2012-5521 MEDIUM
Quagga 0.99.21 - Denial of Service via OSPF6d Route Removal
CVSS 6.5
CVE-2011-3596 HIGH
Polipo < 1.0.4.1 - Denial of Service via HTTP POST/PUT Request
CVSS 7.5
CVE-2010-3411
Google Chrome < 6.0.472.59 - Denial of Service via Cursor Handling
CVE-2006-6767 HIGH
oftpd < 0.3.7 - Denial of Service via LPRT or LPASV Command
CVSS 7.5
CVE-2006-6811 MEDIUM
KsIRC 1.3.12 - Denial of Service via Long PRIVMSG String
CVSS 6.5
CVE-2006-5779 HIGH
OpenLDAP < 2.3.29 - Denial of Service via Long Authcid in LDAP BIND Request
CVSS 7.5
CVE-2006-4574 HIGH
Wireshark 0.10.1-0.99.3 - Denial of Service via MIME Multipart Dissector Off-by-one Error
CVSS 7.5
CVE-2006-4095 HIGH
BIND < 9.2.6-P1 and 9.3.x < 9.3.2-P1 - Denial of Service via SIG Query Assertion Failure
CVSS 7.5
Details
Vulnerabilities 750
Links
MITRE CWE Entry Search this CWE With Exploits