Total
484 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46337 | 1 Jerryscript | 1 Jerryscript | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser-mem.c(parser_list_get) in JerryScript 3.0.0. | |||||
| CVE-2021-46336 | 1 Jerryscript | 1 Jerryscript | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in JerryScript 3.0.0. | |||||
| CVE-2021-46052 | 1 Webassembly | 1 Binaryen | 2022-01-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate. | |||||
| CVE-2021-46054 | 1 Webassembly | 1 Binaryen | 2022-01-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). | |||||
| CVE-2021-46055 | 1 Webassembly | 1 Binaryen | 2022-01-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). | |||||
| CVE-2021-46048 | 1 Webassembly | 1 Binaryen | 2022-01-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions. | |||||
| CVE-2021-30335 | 1 Qualcomm | 348 Apq8009w, Apq8009w Firmware, Aqt1000 and 345 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30293 | 1 Qualcomm | 152 Ar6003, Ar6003 Firmware, Ar8035 and 149 more | 2022-01-12 | 5.0 MEDIUM | 7.5 HIGH |
| Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | |||||
| CVE-2021-30273 | 1 Qualcomm | 148 Apq8009w, Apq8009w Firmware, Apq8096au and 145 more | 2022-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||||
| CVE-2021-43849 | 3 Apple, Cordova Plugin Fingerprint All-in-one Project, Google | 3 Iphone Os, Cordova Plugin Fingerprint All-in-one, Android | 2022-01-11 | 2.1 LOW | 5.5 MEDIUM |
| cordova-plugin-fingerprint-aio is a plugin provides a single and simple interface for accessing fingerprint APIs on both Android 6+ and iOS. In versions prior to 5.0.1 The exported activity `de.niklasmerz.cordova.biometric.BiometricActivity` can cause the app to crash. This vulnerability occurred because the activity didn't handle the case where it is requested with invalid or empty data which results in a crash. Any third party app can constantly call this activity with no permission. A 3rd party app/attacker using event listener can continually stop the app from working and make the victim unable to open it. Version 5.0.1 of the cordova-plugin-fingerprint-aio doesn't export the activity anymore and is no longer vulnerable. If you want to fix older versions change the attribute android:exported in plugin.xml to false. Please upgrade to version 5.0.1 as soon as possible. | |||||
| CVE-2021-20217 | 1 Privoxy | 1 Privoxy | 2021-12-14 | 7.8 HIGH | 7.5 HIGH |
| A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-20272 | 2 Debian, Privoxy | 2 Debian Linux, Privoxy | 2021-12-07 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash. | |||||
| CVE-2021-44022 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2021-12-06 | 2.1 LOW | 5.5 MEDIUM |
| A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations, leading to a denial-of-service (DoS). Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2018-5269 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast. | |||||
| CVE-2021-1982 | 1 Qualcomm | 144 Ar8035, Ar8035 Firmware, Qca6390 and 141 more | 2021-11-16 | 5.0 MEDIUM | 7.5 HIGH |
| Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-41200 | 1 Google | 1 Tensorflow | 2021-11-09 | 2.1 LOW | 5.5 MEDIUM |
| TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. | |||||
| CVE-2021-33600 | 1 F-secure | 1 Internet Gatekeeper | 2021-10-08 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product. | |||||
| CVE-2021-1971 | 1 Qualcomm | 242 Aqt1000, Aqt1000 Firmware, Ar8035 and 239 more | 2021-09-22 | 7.8 HIGH | 7.5 HIGH |
| Possible assertion due to lack of physical layer state validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-36691 | 1 Libjxl Project | 1 Libjxl | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicous GIF file using cjxl, an attacker can trigger a denial of service. | |||||
| CVE-2021-21778 | 1 Mz-automation | 1 Lib60870 | 2021-08-31 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability. | |||||