Total
601 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-48363 | 1 Linuxfoundation | 1 Automotive Grade Linux | 2025-03-11 | N/A | 7.5 HIGH |
| In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer. | |||||
| CVE-2023-27783 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | N/A | 7.5 HIGH |
| An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | |||||
| CVE-2023-27789 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | N/A | 7.5 HIGH |
| An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. | |||||
| CVE-2023-27788 | 1 Broadcom | 1 Tcpreplay | 2025-02-26 | N/A | 7.5 HIGH |
| An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. | |||||
| CVE-2024-34036 | 2025-02-25 | N/A | 4.3 MEDIUM | ||
| An issue was discovered in O-RAN Near Realtime RIC I-Release. To exploit this vulnerability, an attacker can disrupt the initial connection between a gNB and the Near RT-RIC by inundating the system with a high volume of subscription requests via an xApp. | |||||
| CVE-2024-34035 | 2025-02-25 | N/A | 5.7 MEDIUM | ||
| An issue was discovered in O-RAN Near Realtime RIC H-Release. To trigger the crashing of the e2mgr, an adversary must flood the system with a significant quantity of E2 Subscription Requests originating from an xApp. | |||||
| CVE-2024-34034 | 2025-02-25 | N/A | 5.7 MEDIUM | ||
| An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service (DoS) attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component. | |||||
| CVE-2023-40462 | 2 Debian, Sierrawireless | 9 Debian Linux, Aleos, Es450 and 6 more | 2025-02-13 | N/A | 7.5 HIGH |
| The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable. | |||||
| CVE-2023-29935 | 1 Llvm | 1 Llvm | 2025-01-29 | N/A | 5.5 MEDIUM |
| llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced. | |||||
| CVE-2023-37029 | 1 Linuxfoundation | 1 Magma | 2025-01-27 | N/A | 7.5 HIGH |
| Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) are susceptible to an assertion-based crash when an oversized NAS packet is received. An attacker may leverage this behavior to repeatedly crash the MME via either a compromised base station or via an unauthenticated cellphone within range of a base station managed by the MME, causing a denial of service. | |||||
| CVE-2023-31919 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c. | |||||
| CVE-2023-31918 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c. | |||||
| CVE-2023-31913 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c. | |||||
| CVE-2024-24427 | 1 Open5gs | 1 Open5gs | 2025-01-24 | N/A | 7.5 HIGH |
| A reachable assertion in the amf_ue_set_suci function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. | |||||
| CVE-2024-24428 | 1 Open5gs | 1 Open5gs | 2025-01-24 | N/A | 7.5 HIGH |
| A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet. | |||||
| CVE-2023-31916 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c. | |||||
| CVE-2023-31921 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c. | |||||
| CVE-2023-31920 | 1 Jerryscript | 1 Jerryscript | 2025-01-24 | N/A | 5.5 MEDIUM |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c. | |||||
| CVE-2023-37024 | 2025-01-23 | N/A | 7.5 HIGH | ||
| A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an `Emergency Number List` Information Element. | |||||
| CVE-2023-23759 | 1 Facebook | 1 Fizz | 2025-01-21 | N/A | 7.5 HIGH |
| There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impact is limited to denial of service). | |||||