Vulnerabilities (CVE)

Filtered by CWE-835
Total 471 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-17349 2 Debian, Xen 2 Debian Linux, Xen 2023-02-03 4.9 MEDIUM 5.5 MEDIUM
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.
CVE-2019-17350 2 Debian, Xen 2 Debian Linux, Xen 2023-02-03 4.9 MEDIUM 5.5 MEDIUM
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation.
CVE-2019-6638 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2023-02-03 4.0 MEDIUM 6.5 MEDIUM
On BIG-IP 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, Malformed http requests made to an undisclosed iControl REST endpoint can lead to infinite loop of the restjavad process.
CVE-2020-10675 2 Fedoraproject, Jsonparser Project 2 Fedora, Jsonparser 2023-02-03 5.0 MEDIUM 7.5 HIGH
The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call.
CVE-2022-42721 3 Debian, Fedoraproject, Linux 3 Debian Linux, Fedora, Linux Kernel 2023-02-03 N/A 5.5 MEDIUM
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
CVE-2020-16845 4 Debian, Fedoraproject, Golang and 1 more 4 Debian Linux, Fedora, Go and 1 more 2023-02-03 5.0 MEDIUM 7.5 HIGH
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
CVE-2020-15654 2 Canonical, Mozilla 4 Ubuntu Linux, Firefox, Firefox Esr and 1 more 2023-02-02 4.3 MEDIUM 6.5 MEDIUM
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
CVE-2021-3416 4 Debian, Fedoraproject, Qemu and 1 more 4 Debian Linux, Fedora, Qemu and 1 more 2023-02-02 2.1 LOW 6.0 MEDIUM
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.
CVE-2021-20257 4 Debian, Fedoraproject, Qemu and 1 more 8 Debian Linux, Fedora, Qemu and 5 more 2023-02-02 2.1 LOW 6.5 MEDIUM
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2019-3900 7 Canonical, Debian, Fedoraproject and 4 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2023-02-02 6.8 MEDIUM 7.7 HIGH
An infinite loop issue was found in the vhost_net kernel module while handling incoming packets in handle_rx(). The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.
CVE-2019-3833 3 Fedoraproject, Opensuse, Openwsman Project 3 Fedora, Leap, Openwsman 2023-02-02 5.0 MEDIUM 7.5 HIGH
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.
CVE-2016-8910 4 Debian, Opensuse, Qemu and 1 more 6 Debian Linux, Leap, Qemu and 3 more 2023-02-02 2.1 LOW 6.0 MEDIUM
CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in C+ mode
CVE-2016-8909 4 Debian, Opensuse, Qemu and 1 more 6 Debian Linux, Leap, Qemu and 3 more 2023-02-02 2.1 LOW 6.0 MEDIUM
CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing dma buffer stream
CVE-2017-7542 1 Linux 1 Linux Kernel 2023-02-02 4.9 MEDIUM 5.5 MEDIUM
An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function.
CVE-2016-1981 2 Debian, Qemu 2 Debian Linux, Qemu 2023-02-02 2.1 LOW 5.5 MEDIUM
An infinite loop flaw was found in the way QEMU's e1000 NIC emulation implementation processed data using transmit or receive descriptors under certain conditions. A privileged user inside a guest could use this flaw to crash the QEMU instance.
CVE-2021-33642 1 Openeuler 1 Byacc 2023-02-02 N/A 7.5 HIGH
When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function.
CVE-2009-2906 2 Canonical, Samba 2 Ubuntu Linux, Samba 2023-02-02 4.0 MEDIUM N/A
CVE-2009-2906 samba: infinite loop flaw in smbd on unexpected oplock break notification reply
CVE-2021-3737 6 Canonical, Fedoraproject, Netapp and 3 more 17 Ubuntu Linux, Fedora, Hci and 14 more 2023-02-02 7.1 HIGH 7.5 HIGH
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
CVE-2021-42715 2 Fedoraproject, Nothings 2 Fedora, Stb Image.h 2023-02-01 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.
CVE-2023-23617 2023-01-30 N/A N/A
OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in malicious code filter in certain conditions. Versions 19.4.22 and 20.0.19 have a fix for this issue. There are no known workarounds.