Total
581 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-9208 | 2 Canonical, Qpdf Project | 2 Ubuntu Linux, Qpdf | 2019-10-03 | N/A |
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1. | ||||
CVE-2017-9209 | 2 Canonical, Qpdf Project | 2 Ubuntu Linux, Qpdf | 2019-10-03 | N/A |
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2. | ||||
CVE-2017-9210 | 2 Canonical, Qpdf Project | 2 Ubuntu Linux, Qpdf | 2019-10-03 | N/A |
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3. | ||||
CVE-2018-20348 | 1 Libpff Project | 1 Libpff | 2019-10-03 | N/A |
libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to cause a denial of service (infinite recursion) via a crafted file, related to libfdata_tree_get_node_value in libfdata_tree.c. | ||||
CVE-2017-9222 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2019-10-03 | N/A |
The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file. | ||||
CVE-2017-9258 | 1 Surina | 1 Soundtouch | 2019-10-03 | N/A |
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wav file. | ||||
CVE-2018-1999012 | 1 Ffmpeg | 1 Ffmpeg | 2019-10-03 | N/A |
FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM. This attack appear to be exploitable via specially crafted PVA file has to be provided as input. This vulnerability appears to have been fixed in 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 and later. | ||||
CVE-2017-9358 | 1 Asterisk | 2 Certified Asterisk, Open Source | 2019-10-03 | N/A |
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop). | ||||
CVE-2018-18915 | 1 Exiv2 | 1 Exiv2 | 2019-10-03 | N/A |
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack. | ||||
CVE-2018-1000864 | 2 Jenkins, Redhat | 2 Jenkins, Openshift Container Platform | 2019-10-03 | N/A |
A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop. | ||||
CVE-2018-12913 | 1 Miniz Project | 1 Miniz | 2019-10-03 | N/A |
In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an infinite loop because sym2 and counter can both remain equal to zero. | ||||
CVE-2018-10546 | 4 Canonical, Debian, Netapp and 1 more | 4 Ubuntu Linux, Debian Linux, Storage Automation Store and 1 more | 2019-10-03 | N/A |
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. | ||||
CVE-2018-18385 | 1 Asciidoctor | 1 Asciidoctor | 2019-10-03 | N/A |
Asciidoctor in versions < 1.5.8 allows remote attackers to cause a denial of service (infinite loop). The loop was caused by the fact that Parser.next_block was not exhausting all the lines in the reader as the while loop expected it would. This was happening because the regular expression that detects any list was not agreeing with the regular expression that detects a specific list type. So the line kept getting pushed back onto the reader, hence causing the loop. | ||||
CVE-2018-17042 | 1 Scalabium | 1 Dbf2txt | 2019-10-03 | N/A |
An issue has been found in dbf2txt through 2012-07-19. It is a infinite loop. | ||||
CVE-2018-10938 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-10-03 | N/A |
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. | ||||
CVE-2018-10981 | 2 Debian, Xen | 2 Debian Linux, Xen | 2019-10-03 | N/A |
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request. | ||||
CVE-2018-15856 | 2 Canonical, Xkbcommon | 2 Ubuntu Linux, Xkbcommon | 2019-10-03 | N/A |
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files. | ||||
CVE-2018-14445 | 1 Axiosys | 1 Bento4 | 2019-10-03 | N/A |
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file. | ||||
CVE-2018-12228 | 1 Asterisk | 1 Open Source | 2019-10-03 | N/A |
An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk gets caught in an infinite loop while trying to read the data stream. This renders the system unusable. | ||||
CVE-2018-14347 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2019-10-03 | N/A |
GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). |