Total
717 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9094 | 1 Entropymine | 1 Imageworsener | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image. | |||||
| CVE-2017-11171 | 1 Gnome | 1 Gnome-session | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish ICE connections to gnome-session with invalid authentication data (an invalid magic cookie). Each failed authentication attempt will leak a file descriptor in gnome-session. When the maximum number of file descriptors is exhausted in the gnome-session process, it will enter an infinite loop trying to communicate without success, consuming 100% of the CPU. The graphical session associated with the gnome-session process will stop working correctly, because communication with gnome-session is no longer possible. | |||||
| CVE-2017-9023 | 1 Strongswan | 1 Strongswan | 2025-04-20 | 4.3 MEDIUM | 7.5 HIGH |
| The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate. | |||||
| CVE-2017-12852 | 1 Numpy | 1 Numpy | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack. | |||||
| CVE-2020-35139 | 1 Faucet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2020-35141 | 1 Faucet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2024-28732 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| An issue was discovered in OFPMatch in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop). | |||||
| CVE-2024-34484 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 5.3 MEDIUM |
| OFPBucket in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via action.len=0. | |||||
| CVE-2024-34487 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPFlowStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via inst.length=0. | |||||
| CVE-2024-34488 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPMultipartReply in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via b.length=0. | |||||
| CVE-2024-34489 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPHello in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via length=0. | |||||
| CVE-2022-4104 | 1 Lepton Project | 1 Lepton | 2025-04-14 | N/A | 5.5 MEDIUM |
| A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service. | |||||
| CVE-2016-9776 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS. | |||||
| CVE-2015-8785 | 2 Linux, Suse | 2 Linux Kernel, Linux Enterprise Real Time Extension | 2025-04-12 | 4.9 MEDIUM | 6.2 MEDIUM |
| The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov. | |||||
| CVE-2016-1981 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS. | |||||
| CVE-2016-8909 | 4 Debian, Opensuse, Qemu and 1 more | 6 Debian Linux, Leap, Qemu and 3 more | 2025-04-12 | 2.1 LOW | 6.0 MEDIUM |
| The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. | |||||
| CVE-2015-8558 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list. | |||||
| CVE-2016-4453 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2025-04-12 | 4.9 MEDIUM | 4.4 MEDIUM |
| The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command. | |||||
| CVE-2016-8910 | 4 Debian, Opensuse, Qemu and 1 more | 6 Debian Linux, Leap, Qemu and 3 more | 2025-04-12 | 2.1 LOW | 6.0 MEDIUM |
| The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. | |||||
| CVE-2016-7909 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 4.9 MEDIUM | 4.4 MEDIUM |
| The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0. | |||||