Total
868 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10912 | 1 Redhat | 4 Jboss Single Sign On, Keycloak, Openshift Application Runtimes and 1 more | 2024-11-21 | 4.9 Medium |
| keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement. A Keycloak cluster with multiple nodes could mishandle an expired session replacement and lead to an infinite loop. A malicious authenticated user could use this flaw to achieve Denial of Service on the server. | ||||
| CVE-2018-10546 | 5 Canonical, Debian, Netapp and 2 more | 5 Ubuntu Linux, Debian Linux, Storage Automation Store and 2 more | 2024-11-21 | N/A |
| An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. | ||||
| CVE-2018-10289 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-11-21 | 5.5 Medium |
| In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file. | ||||
| CVE-2018-10177 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file. | ||||
| CVE-2018-1000864 | 2 Jenkins, Redhat | 3 Jenkins, Openshift, Openshift Container Platform | 2024-11-21 | N/A |
| A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop. | ||||
| CVE-2018-1000075 | 3 Debian, Redhat, Rubygems | 8 Debian Linux, Enterprise Linux, Rhel Aus and 5 more | 2024-11-21 | N/A |
| RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop.. This vulnerability appears to have been fixed in 2.7.6. | ||||
| CVE-2017-3140 | 2 Isc, Netapp | 4 Bind, Data Ontap Edge, Element Software and 1 more | 2024-11-21 | N/A |
| If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1. | ||||
| CVE-2017-2670 | 2 Debian, Redhat | 6 Debian Linux, Enterprise Linux, Jboss Data Grid and 3 more | 2024-11-21 | N/A |
| It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS. | ||||
| CVE-2017-2646 | 1 Redhat | 1 Keycloak | 2024-11-21 | N/A |
| It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in a infinite loop. An attacker could use this flaw to conduct denial of service attacks. | ||||
| CVE-2017-18361 | 1 Pylonsproject | 1 Colander | 2024-11-21 | N/A |
| In Pylons Colander through 1.6, the URL validator allows an attacker to potentially cause an infinite loop thereby causing a denial of service via an unclosed parenthesis. | ||||
| CVE-2017-18277 | 1 Qualcomm | 46 Mdm9206, Mdm9206 Firmware, Mdm9607 and 43 more | 2024-11-21 | N/A |
| When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for memory allocation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCN5502, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835. | ||||
| CVE-2017-18273 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. | ||||
| CVE-2017-18271 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. | ||||
| CVE-2017-18267 | 4 Canonical, Debian, Freedesktop and 1 more | 8 Ubuntu Linux, Debian Linux, Poppler and 5 more | 2024-11-21 | N/A |
| The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops. | ||||
| CVE-2017-18261 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace, PREEMPT_TRACER, and FUNCTION_GRAPH_TRACER. | ||||
| CVE-2017-18257 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | N/A |
| The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. | ||||
| CVE-2017-18238 | 3 Debian, Exempi Project, Redhat | 3 Debian Linux, Exempi, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file. | ||||
| CVE-2017-18236 | 4 Canonical, Debian, Exempi Project and 1 more | 4 Ubuntu Linux, Debian Linux, Exempi and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file. | ||||
| CVE-2017-18233 | 4 Canonical, Debian, Exempi Project and 1 more | 4 Ubuntu Linux, Debian Linux, Exempi and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file. | ||||
| CVE-2017-18208 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Enterprise Mrg and 5 more | 2024-11-21 | N/A |
| The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping. | ||||