CWE-617 · Reachable Assertion
759 CVEs classified under CWE-617 (Reachable Assertion). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-3615 | Critical | 9.8 | 2020-06-02 | Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values… |
CVE-2019-9795 | Critical | 9.8 | 2019-04-26 | A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially ex… |
CVE-2026-27809 | Critical | 9.1 | 2026-02-26 | psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data… |
CVE-2026-31739 | High | 8.8 | 2026-05-01 | In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - Add missing CRYPTO_ALG_ASYNC The tegra crypto driver failed to set the CR… |
CVE-2020-15670 | High | 8.8 | 2020-10-01 | Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that w… |
CVE-2020-12417 | High | 8.8 | 2020-07-09 | Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitab… |
CVE-2020-6623 | High | 8.8 | 2020-01-08 | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index. |
CVE-2020-6619 | High | 8.8 | 2020-01-08 | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek. |
CVE-2020-6617 | High | 8.8 | 2020-01-08 | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int. |
CVE-2024-24429 | High | 8.6 | 2025-01-22 | A reachable assertion in the nas_eps_send_emm_to_esm function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet. |
CVE-2024-34235 | High | 8.6 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a… |
CVE-2023-37023 | High | 8.6 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain a reachable assertion in the `Uplink NAS Transport` packet handler. A packet missing its `MME_UE_S1AP_ID` field causes Op… |
CVE-2023-37021 | High | 8.6 | 2025-01-22 | Open5GS MME version <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a… |
CVE-2023-37020 | High | 8.6 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a… |
CVE-2023-37019 | High | 8.6 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a… |
CVE-2023-37018 | High | 8.6 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a… |
CVE-2023-37017 | High | 8.6 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an… |
CVE-2023-37016 | High | 8.6 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a… |
CVE-2023-37015 | High | 8.6 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a… |
CVE-2024-39697 | High | 8.6 | 2024-07-09 | phonenumber is a library for parsing, formatting and validating international phone numbers. Since 0.3.4, the phonenumber parsing code may panic due to a panic… |