Total
310 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28243 | 2024-11-21 | 6.5 Medium | ||
| KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\edef` that causes a near-infinite loop, despite setting `maxExpand` to avoid such loops. This can be used as an availability attack, where e.g. a client rendering another user's KaTeX input will be unable to use the site due to memory overflow, tying up the main thread, or stack overflow. Upgrade to KaTeX v0.16.10 to remove this vulnerability. | ||||
| CVE-2024-27454 | 2024-11-21 | 7.5 High | ||
| orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents. | ||||
| CVE-2024-25112 | 1 Exiv2 | 1 Exiv2 | 2024-11-21 | 5.5 Medium |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function, `QuickTimeVideo::multipleEntriesDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The denial-of-service is triggered when Exiv2 is used to read the metadata of a crafted video file. This bug is fixed in version v0.28.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-20311 | 2024-11-21 | 8.6 High | ||
| A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to the incorrect handling of LISP packets. An attacker could exploit this vulnerability by sending a crafted LISP packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Note: This vulnerability could be exploited over either IPv4 or IPv6 transport. | ||||
| CVE-2024-1899 | 2024-11-21 | 5.3 Medium | ||
| An issue in the anchors subparser of Showdownjs versions <= 2.1.0 could allow a remote attacker to cause denial of service conditions. | ||||
| CVE-2024-0211 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 7.8 High |
| DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2024-0210 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 7.8 High |
| Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2024-0208 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 7.8 High |
| GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2023-52079 | 1 Kriszyp | 1 Msgpackr | 2024-11-21 | 6.8 Medium |
| msgpackr is a fast MessagePack NodeJS/JavaScript implementation. Prior to 1.10.1, when decoding user supplied MessagePack messages, users can trigger stuck threads by crafting messages that keep the decoder stuck in a loop. The fix is available in v1.10.1. Exploits seem to require structured cloning, replacing the 0x70 extension with your own (that throws an error or does something other than recursive referencing) should mitigate the issue. | ||||
| CVE-2023-51803 | 2024-11-21 | 9.8 Critical | ||
| LinuxServer.io Heimdall before 2.5.7 does not prevent use of icons that have non-image data such as the "<?php ?>" substring. | ||||
| CVE-2023-50262 | 1 Dompdf Project | 1 Dompdf | 2024-11-21 | 5.3 Medium |
| Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Dompdf performs an initial validation to ensure that paths within the SVG are allowed. One of the validations is that the SVG document does not reference itself. However, prior to version 2.0.4, a recursive chained using two or more SVG documents is not correctly validated. Depending on the system configuration and attack pattern this could exhaust the memory available to the executing process and/or to the server itself. php-svg-lib, when run in isolation, does not support SVG references for `image` elements. However, when used in combination with Dompdf, php-svg-lib will process SVG images referenced by an `image` element. Dompdf currently includes validation to prevent self-referential `image` references, but a chained reference is not checked. A malicious actor may thus trigger infinite recursion by chaining references between two or more SVG images. When Dompdf parses a malicious payload, it will crash due after exceeding the allowed execution time or memory usage. An attacker sending multiple request to a system can potentially cause resource exhaustion to the point that the system is unable to handle incoming request. Version 2.0.4 contains a fix for this issue. | ||||
| CVE-2023-50251 | 1 Dompdf | 1 Php-svg-lib | 2024-11-21 | 5.3 Medium |
| php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a `use` tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the memory available to the executing process and/or to the server itself. An attacker sending multiple request to a system to render the above payload can potentially cause resource exhaustion to the point that the system is unable to handle incoming request. Version 0.5.1 contains a patch for this issue. | ||||
| CVE-2023-4512 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 5.3 Medium |
| CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2023-49800 | 1 Johannschopplich | 1 Nuxt Api Party | 2024-11-21 | 7.5 High |
| `nuxt-api-party` is an open source module to proxy API requests. The library allows the user to send many options directly to `ofetch`. There is no filter on which options are available. We can abuse the retry logic to cause the server to crash from a stack overflow. fetchOptions are obtained directly from the request body. A malicious user can construct a URL known to not fetch successfully, then set the retry attempts to a high value, this will cause a stack overflow as ofetch error handling works recursively resulting in a denial of service. This issue has been addressed in version 0.22.1. Users are advised to upgrade. Users unable to upgrade should limit ofetch options. | ||||
| CVE-2023-31794 | 1 Artifex | 1 Mupdf | 2024-11-21 | 5.5 Medium |
| MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | ||||
| CVE-2023-22617 | 1 Powerdns | 1 Recursor | 2024-11-21 | 7.5 High |
| A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1. | ||||
| CVE-2023-0412 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 6.3 Medium |
| TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file | ||||
| CVE-2022-48545 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 5.5 Medium |
| An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02. | ||||
| CVE-2022-47662 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662 | ||||
| CVE-2022-47374 | 1 Siemens | 18 6ag1414-3em07-7ab0, 6ag1414-3em07-7ab0 Firmware, 6ag1416-3es07-7ab0 and 15 more | 2024-11-21 | 7.5 High |
| A vulnerability has been identified in SIMATICÂ PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly. This could allow an attacker to exhaust system resources and create a denial of service condition for the device. | ||||