Total
471 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-17349 | 2 Debian, Xen | 2 Debian Linux, Xen | 2023-02-03 | 4.9 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation. | |||||
CVE-2019-17350 | 2 Debian, Xen | 2 Debian Linux, Xen | 2023-02-03 | 4.9 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation. | |||||
CVE-2019-6638 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2023-02-03 | 4.0 MEDIUM | 6.5 MEDIUM |
On BIG-IP 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, Malformed http requests made to an undisclosed iControl REST endpoint can lead to infinite loop of the restjavad process. | |||||
CVE-2020-10675 | 2 Fedoraproject, Jsonparser Project | 2 Fedora, Jsonparser | 2023-02-03 | 5.0 MEDIUM | 7.5 HIGH |
The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call. | |||||
CVE-2022-42721 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2023-02-03 | N/A | 5.5 MEDIUM |
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. | |||||
CVE-2020-16845 | 4 Debian, Fedoraproject, Golang and 1 more | 4 Debian Linux, Fedora, Go and 1 more | 2023-02-03 | 5.0 MEDIUM | 7.5 HIGH |
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. | |||||
CVE-2020-15654 | 2 Canonical, Mozilla | 4 Ubuntu Linux, Firefox, Firefox Esr and 1 more | 2023-02-02 | 4.3 MEDIUM | 6.5 MEDIUM |
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. | |||||
CVE-2021-3416 | 4 Debian, Fedoraproject, Qemu and 1 more | 4 Debian Linux, Fedora, Qemu and 1 more | 2023-02-02 | 2.1 LOW | 6.0 MEDIUM |
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario. | |||||
CVE-2021-20257 | 4 Debian, Fedoraproject, Qemu and 1 more | 8 Debian Linux, Fedora, Qemu and 5 more | 2023-02-02 | 2.1 LOW | 6.5 MEDIUM |
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | |||||
CVE-2019-3900 | 7 Canonical, Debian, Fedoraproject and 4 more | 15 Ubuntu Linux, Debian Linux, Fedora and 12 more | 2023-02-02 | 6.8 MEDIUM | 7.7 HIGH |
An infinite loop issue was found in the vhost_net kernel module while handling incoming packets in handle_rx(). The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. | |||||
CVE-2019-3833 | 3 Fedoraproject, Opensuse, Openwsman Project | 3 Fedora, Leap, Openwsman | 2023-02-02 | 5.0 MEDIUM | 7.5 HIGH |
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server. | |||||
CVE-2016-8910 | 4 Debian, Opensuse, Qemu and 1 more | 6 Debian Linux, Leap, Qemu and 3 more | 2023-02-02 | 2.1 LOW | 6.0 MEDIUM |
CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in C+ mode | |||||
CVE-2016-8909 | 4 Debian, Opensuse, Qemu and 1 more | 6 Debian Linux, Leap, Qemu and 3 more | 2023-02-02 | 2.1 LOW | 6.0 MEDIUM |
CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing dma buffer stream | |||||
CVE-2017-7542 | 1 Linux | 1 Linux Kernel | 2023-02-02 | 4.9 MEDIUM | 5.5 MEDIUM |
An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function. | |||||
CVE-2016-1981 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2023-02-02 | 2.1 LOW | 5.5 MEDIUM |
An infinite loop flaw was found in the way QEMU's e1000 NIC emulation implementation processed data using transmit or receive descriptors under certain conditions. A privileged user inside a guest could use this flaw to crash the QEMU instance. | |||||
CVE-2021-33642 | 1 Openeuler | 1 Byacc | 2023-02-02 | N/A | 7.5 HIGH |
When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function. | |||||
CVE-2009-2906 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2023-02-02 | 4.0 MEDIUM | N/A |
CVE-2009-2906 samba: infinite loop flaw in smbd on unexpected oplock break notification reply | |||||
CVE-2021-3737 | 6 Canonical, Fedoraproject, Netapp and 3 more | 17 Ubuntu Linux, Fedora, Hci and 14 more | 2023-02-02 | 7.1 HIGH | 7.5 HIGH |
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. | |||||
CVE-2021-42715 | 2 Fedoraproject, Nothings | 2 Fedora, Stb Image.h | 2023-02-01 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files. | |||||
CVE-2023-23617 | 2023-01-30 | N/A | N/A | ||
OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in malicious code filter in certain conditions. Versions 19.4.22 and 20.0.19 have a fix for this issue. There are no known workarounds. |