Total
655 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15835 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, While processing the RIC Data Descriptor IE in an artificially crafted 802.11 frame with IE length more than 255, an infinite loop may potentially occur resulting in a denial of service. | |||||
| CVE-2017-13195 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65398821. | |||||
| CVE-2017-13193 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In ihevcd_decode.c there is a possible infinite loop due to bytes for an sps of unsupported resolution resulting in the same sps being fed in over and over. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65718319. | |||||
| CVE-2017-13192 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero after the first slice could result in an infinite loop. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380202. | |||||
| CVE-2017-13191 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380403. | |||||
| CVE-2017-12626 | 1 Apache | 1 Poi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and 2) Out of Memory Exceptions while parsing crafted DOC, PPT and XLS (POI bugs 52372 and 61295). | |||||
| CVE-2017-12412 | 1 Ccn-lite | 1 Ccn-lite | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow. | |||||
| CVE-2016-9581 | 1 Uclouvain | 1 Openjpeg | 2024-11-21 | 6.8 MEDIUM | 3.3 LOW |
| An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2. | |||||
| CVE-2015-6815 | 7 Arista, Canonical, Fedoraproject and 4 more | 11 Eos, Ubuntu Linux, Fedora and 8 more | 2024-11-21 | 2.7 LOW | 3.5 LOW |
| The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. | |||||
| CVE-2015-5694 | 3 Debian, Openstack, Redhat | 3 Debian Linux, Designate, Enterprise Linux Openstack Platform | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Designate does not enforce the DNS protocol limit concerning record set sizes | |||||
| CVE-2015-5278 | 4 Arista, Canonical, Fedoraproject and 1 more | 4 Eos, Ubuntu Linux, Fedora and 1 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets. | |||||
| CVE-2015-5239 | 5 Arista, Canonical, Fedoraproject and 2 more | 8 Eos, Ubuntu Linux, Fedora and 5 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. | |||||
| CVE-2015-10103 | 1 Forget It Project | 1 Forget It | 2024-11-21 | 1.7 LOW | 2.8 LOW |
| A vulnerability, which was classified as problematic, was found in InternalError503 Forget It up to 1.3. This affects an unknown part of the file js/settings.js. The manipulation of the argument setForgetTime with the input 0 leads to infinite loop. It is possible to launch the attack on the local host. Upgrading to version 1.4 is able to address this issue. The patch is named adf0c7fd59b9c935b4fd675c556265620124999c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-226119. | |||||
| CVE-2014-8561 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| imagemagick 6.8.9.6 has remote DOS via infinite loop | |||||
| CVE-2014-0148 | 2 Qemu, Redhat | 9 Qemu, Enterprise Linux Desktop, Enterprise Linux Eus and 6 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user able to alter the Qemu disk image could ise this flaw to crash the Qemu instance resulting in DoS. | |||||
| CVE-2013-7488 | 2 Convert\, Fedoraproject | 2 \, Fedora | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input. | |||||
| CVE-2013-3722 | 1 Opensips | 1 Opensips | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c. | |||||
| CVE-2011-1474 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop condition without releasing the VM semaphore eventually leading to a system crash. | |||||
| CVE-2010-0207 | 2 Debian, Xpdfreader | 2 Debian Linux, Xpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers. | |||||
| CVE-2024-50321 | 1 Ivanti | 1 Avalanche | 2024-11-18 | N/A | 7.5 HIGH |
| An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service. | |||||