Total
703 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9122 | 1 Libquicktime | 1 Libquicktime | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
| The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file. | |||||
| CVE-2017-15871 | 1 Serialize-to-js Project | 1 Serialize-to-js | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The deserialize function in serialize-to-js through 1.1.1 allows attackers to cause a denial of service via vectors involving an Immediately Invoked Function Expression "function()" substring, as demonstrated by a "function(){console.log(" call or a simple infinite loop. NOTE: the vendor agrees that denial of service can occur but notes that deserialize is explicitly listed as "harmful" within the README.md file | |||||
| CVE-2017-6014 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory. | |||||
| CVE-2016-4970 | 3 Apache, Netty, Redhat | 4 Cassandra, Netty, Jboss Data Grid and 1 more | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop). | |||||
| CVE-2017-11338 | 1 Exiv2 | 1 Exiv2 | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2017-10986 | 1 Freeradius | 1 Freeradius | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service. | |||||
| CVE-2017-6056 | 2 Canonical, Debian | 2 Ubuntu Linux, Debian Linux | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu. | |||||
| CVE-2017-6474 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes. | |||||
| CVE-2017-8871 | 2 Gnome, Opensuse | 2 Libcroco, Leap | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
| The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file. | |||||
| CVE-2020-35141 | 1 Faucet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2020-35139 | 1 Faucet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2024-28732 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| An issue was discovered in OFPMatch in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2024-34484 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 5.3 MEDIUM |
| OFPBucket in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via action.len=0. | |||||
| CVE-2024-34487 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPFlowStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via inst.length=0. | |||||
| CVE-2024-34488 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPMultipartReply in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via b.length=0. | |||||
| CVE-2024-34489 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPHello in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via length=0. | |||||
| CVE-2022-4104 | 1 Lepton Project | 1 Lepton | 2025-04-14 | N/A | 5.5 MEDIUM |
| A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service. | |||||
| CVE-2016-9776 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS. | |||||
| CVE-2016-7908 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 2.1 LOW | 4.4 MEDIUM |
| The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags. | |||||
| CVE-2016-4453 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2025-04-12 | 4.9 MEDIUM | 4.4 MEDIUM |
| The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command. | |||||