Total
525 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27938 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw. | |||||
| CVE-2022-27448 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc. | |||||
| CVE-2022-27382 | 1 Mariadb | 1 Mariadb | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order. | |||||
| CVE-2022-25484 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1. | |||||
| CVE-2022-24777 | 1 Linuxfoundation | 1 Grpc Swift | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This is due to incorrect logic when handling GOAWAY frames. The attack is low-effort: it takes very little resources to construct and send the required sequence of frames. The impact on availability is high as the server will crash, dropping all in flight connections and requests. This issue is fixed in version 1.7.2. There are currently no known workarounds. | |||||
| CVE-2022-24272 | 1 Mongodb | 1 Mongodb | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6. | |||||
| CVE-2022-23588 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that Grappler optimizer would attempt to build a tensor using a reference `dtype`. This would result in a crash due to a `CHECK`-fail in the `Tensor` constructor as reference types are not allowed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-23586 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that assertions in `function.cc` would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-23582 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that `TensorByteSize` would trigger `CHECK` failures. `TensorShape` constructor throws a `CHECK`-fail if shape is partial or has a number of elements that would overflow the size of an `int`. The `PartialTensorShape` constructor instead does not cause a `CHECK`-abort if the shape is partial, which is exactly what this function needs to be able to return `-1`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-23581 | 1 Google | 1 Tensorflow | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-23579 | 1 Google | 1 Tensorflow | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `SafeToRemoveIdentity` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-23572 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the `DCHECK` function however, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the `ValueOrDie` line. This results in an assertion failure as `ret` contains an error `Status`, not a value. In the second case we also get a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range. | |||||
| CVE-2022-23571 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments, if the tensors have an invalid `dtype` and 0 elements or an invalid shape. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-23570 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range. | |||||
| CVE-2022-23565 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a `SavedModel` on disk such that `AttrDef`s of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-23564 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-22901 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9. | |||||
| CVE-2022-22892 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value)' failed at jerry-core/ecma/base/ecma-helpers-value.c in Jerryscripts 3.0.0. | |||||
| CVE-2022-22890 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 5.0 MEDIUM | 5.5 MEDIUM |
| There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript 3.0.0. | |||||
| CVE-2022-22060 | 1 Qualcomm | 148 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 145 more | 2024-11-21 | N/A | 7.5 HIGH |
| Assertion occurs while processing Reconfiguration message due to improper validation | |||||