Total
670 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9094 | 1 Entropymine | 1 Imageworsener | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image. | |||||
| CVE-2017-9352 | 1 Wireshark | 1 Wireshark | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur. | |||||
| CVE-2017-15223 | 1 Argosoft | 1 Mini Mail Server | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop. | |||||
| CVE-2017-14519 | 1 Freedesktop | 1 Poppler | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop). | |||||
| CVE-2017-5973 | 3 Debian, Qemu, Redhat | 5 Debian Linux, Qemu, Enterprise Linux and 2 more | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence. | |||||
| CVE-2024-4854 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2025-04-18 | N/A | 6.4 MEDIUM |
| MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file | |||||
| CVE-2023-51075 | 1 Hutool | 1 Hutool | 2025-04-17 | N/A | 7.5 HIGH |
| hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters. | |||||
| CVE-2023-53026 | 1 Linux | 1 Linux Kernel | 2025-04-15 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the selected page size, DMA blocks. In given circumstances where the sg entry and page size fit certain sizes and the sg entry is not aligned to the selected page size, the total size of the aligned pages we need to cover the sg entry is >= 4GB. Under this circumstances, while iterating page aligned blocks, the counter responsible for counting how much we advanced from the start of the sg entry is overflowed because its type is u32 and we pass 4GB in size. This can lead to an infinite loop inside the iterator function because the overflow prevents the counter to be larger than the size of the sg entry. Fix the presented problem by changing the advancement condition to eliminate overflow. Backtrace: [ 192.374329] efa_reg_user_mr_dmabuf [ 192.376783] efa_register_mr [ 192.382579] pgsz_bitmap 0xfffff000 rounddown 0x80000000 [ 192.386423] pg_sz [0x80000000] umem_length[0xc0000000] [ 192.392657] start 0x0 length 0xc0000000 params.page_shift 31 params.page_num 3 [ 192.399559] hp_cnt[3], pages_in_hp[524288] [ 192.403690] umem->sgt_append.sgt.nents[1] [ 192.407905] number entries: [1], pg_bit: [31] [ 192.411397] biter->__sg_nents [1] biter->__sg [0000000008b0c5d8] [ 192.415601] biter->__sg_advance [665837568] sg_dma_len[3221225472] [ 192.419823] biter->__sg_nents [1] biter->__sg [0000000008b0c5d8] [ 192.423976] biter->__sg_advance [2813321216] sg_dma_len[3221225472] [ 192.428243] biter->__sg_nents [1] biter->__sg [0000000008b0c5d8] [ 192.432397] biter->__sg_advance [665837568] sg_dma_len[3221225472] | |||||
| CVE-2020-35141 | 1 Faucet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2020-35139 | 1 Faucet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2024-28732 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| An issue was discovered in OFPMatch in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2024-34484 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 5.3 MEDIUM |
| OFPBucket in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via action.len=0. | |||||
| CVE-2024-34487 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPFlowStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via inst.length=0. | |||||
| CVE-2024-34488 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPMultipartReply in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via b.length=0. | |||||
| CVE-2024-34489 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPHello in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via length=0. | |||||
| CVE-2022-4104 | 1 Lepton Project | 1 Lepton | 2025-04-14 | N/A | 5.5 MEDIUM |
| A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service. | |||||
| CVE-2016-8910 | 4 Debian, Opensuse, Qemu and 1 more | 6 Debian Linux, Leap, Qemu and 3 more | 2025-04-12 | 2.1 LOW | 6.0 MEDIUM |
| The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. | |||||
| CVE-2016-7909 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 4.9 MEDIUM | 4.4 MEDIUM |
| The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0. | |||||
| CVE-2016-8909 | 4 Debian, Opensuse, Qemu and 1 more | 6 Debian Linux, Leap, Qemu and 3 more | 2025-04-12 | 2.1 LOW | 6.0 MEDIUM |
| The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. | |||||
| CVE-2015-8558 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list. | |||||