Total
717 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-40675 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.5 HIGH |
| In parseUriInternal of Intent.java, there is a possible infinite loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2022-33238 | 1 Qualcomm | 568 Apq8009, Apq8009 Firmware, Apq8017 and 565 more | 2025-04-22 | N/A | 7.5 HIGH |
| Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2017-6474 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes. | |||||
| CVE-2017-11625 | 1 Qpdf Project | 1 Qpdf | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop." | |||||
| CVE-2017-13756 | 2 Debian, Sleuthkit | 2 Debian Linux, The Sleuth Kit | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls. | |||||
| CVE-2017-7702 | 1 Wireshark | 1 Wireshark | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation. | |||||
| CVE-2017-14229 | 1 Jasper Project | 1 Jasper | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack. | |||||
| CVE-2017-9210 | 2 Canonical, Qpdf Project | 2 Ubuntu Linux, Qpdf | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3. | |||||
| CVE-2017-14741 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file. | |||||
| CVE-2017-17044 | 1 Xen | 1 Xen | 2025-04-20 | 4.9 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors. | |||||
| CVE-2015-8903 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file. | |||||
| CVE-2017-15024 | 1 Gnu | 1 Binutils | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | |||||
| CVE-2017-6267 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a denial of service. | |||||
| CVE-2017-7542 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket. | |||||
| CVE-2017-9330 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 1.9 LOW | 5.6 MEDIUM |
| QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505. | |||||
| CVE-2017-9349 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value. | |||||
| CVE-2017-7704 | 1 Wireshark | 1 Wireshark | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value. | |||||
| CVE-2017-14519 | 1 Freedesktop | 1 Poppler | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop). | |||||
| CVE-2017-2417 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to cause a denial of service (infinite recursion) via a crafted image. | |||||
| CVE-2017-8112 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 4.9 MEDIUM | 6.5 MEDIUM |
| hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count. | |||||