Total
310 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-7515 | 1 Freedesktop | 1 Poppler | 2024-11-21 | N/A |
| poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service. | ||||
| CVE-2017-6181 | 1 Ruby-lang | 1 Ruby | 2024-11-21 | N/A |
| The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression. | ||||
| CVE-2017-5950 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2024-11-21 | N/A |
| The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | ||||
| CVE-2017-5839 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
| The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX. | ||||
| CVE-2017-18267 | 4 Canonical, Debian, Freedesktop and 1 more | 8 Ubuntu Linux, Debian Linux, Poppler and 5 more | 2024-11-21 | N/A |
| The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops. | ||||
| CVE-2017-18261 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace, PREEMPT_TRACER, and FUNCTION_GRAPH_TRACER. | ||||
| CVE-2017-16419 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The issue is a stack exhaustion problem within the JavaScript API, where the computation does not correctly control the amount of recursion that can happen with respect to system resources. | ||||
| CVE-2017-15024 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | ||||
| CVE-2017-14861 | 1 Exiv2 | 1 Exiv2 | 2024-11-21 | N/A |
| There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack. | ||||
| CVE-2017-12964 | 1 Libsass | 1 Libsass | 2024-11-21 | N/A |
| There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator() in eval.cpp. It will lead to a remote denial of service attack. | ||||
| CVE-2017-11556 | 1 Libsass | 1 Libsass | 2024-11-21 | N/A |
| There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service. | ||||
| CVE-2017-11554 | 1 Libsass | 1 Libsass | 2024-11-21 | N/A |
| There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service. | ||||
| CVE-2017-11164 | 1 Pcre | 1 Pcre | 2024-11-21 | N/A |
| In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression. | ||||
| CVE-2017-10910 | 1 Mqtt.js Project | 1 Mqtt.js | 2024-11-21 | N/A |
| MQTT.js 2.x.x prior to 2.15.0 issue in handling PUBLISH tickets may lead to an attacker causing a denial-of-service condition. | ||||
| CVE-2017-0886 | 1 Nextcloud | 1 Nextcloud Server | 2024-11-21 | 6.5 Medium |
| Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an error in the application logic an authenticated adversary may trigger an endless recursion in the application leading to a potential Denial of Service. | ||||
| CVE-2017-0692 | 1 Google | 1 Android | 2024-11-21 | N/A |
| A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36725407. | ||||
| CVE-2016-9626 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | ||||
| CVE-2016-9625 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | ||||
| CVE-2016-9598 | 2 Redhat, Xmlsoft | 2 Jboss Core Services, Libxml2 | 2024-11-21 | 6.5 Medium |
| libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483. | ||||
| CVE-2016-9597 | 6 Canonical, Debian, Hp and 3 more | 7 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 4 more | 2024-11-21 | N/A |
| It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705. | ||||