11140 matches found

Github Security Blog
added 2025/07/23 8:3 p.m. | 17 views

ImageMagick has XMP profile write that triggers hang due to unbounded loop

Summary: Infinite lines occur when writing during a specific XMP file conversion command. Details: 0 GetXmpNumeratorAndDenominator denominator=, numerator=, value= at MagickCore/profile.c:2578 1 GetXmpNumeratorAndDenominator denominator=, numerator=, value=720000000000000 at MagickCore/profile.c:256...

CVSS 7.5 | AI score 5.9 | EPSS 0.00713
Exploits: 1 | References: 7 | Affected Software: 19
CVE
added 2025/07/14 7:31 p.m. | 57 views

CVE-2025-53015

CVE-2025-53015 affects ImageMagick prior to 7.1.2-0, where a specific XMP file conversion command can cause an unbounded loop in the WriteImage path, triggering an infinite hang (Denial of Service). The PoC demonstrates the hang via a command like magick hang a.mng. Impact is described as a hang ...

CVSS 7.5 | AI score 6.5 | EPSS 0.00713
Exploits: 1 | References: 2 | Affected Software: 1
CNNVD
added 2025/07/14 12:0 a.m. | 2 views

ImageMagick Security Vulnerability

ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert or write images in many formats. A security vulnerability exists in versions prior to ImageMagick 7.1.2-0 that stems from an infinite loop in a specific XMP file conversion command...

CVSS 7.5 | AI score 6.2 | EPSS 0.00713
Exploits: 1 | References: 4
Microsoft CVE
added 2025/07/11 7:0 a.m. | 1 views

page_pool: avoid infinite loop to schedule delayed worker

...

CVSS 5.5 | AI score 7.2 | EPSS 0.00244
Exploits: 0
Microsoft CVE
added 2025/07/11 7:0 a.m. | 4 views

Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file

...

CVSS 8.1 | AI score 7 | EPSS 0.00441
Exploits: 0
IBM Security Bulletins
added 2025/07/10 8:58 a.m. | 3 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in nanoid-2.1.11.tgz

Summary: IBM watsonx Orchestrate Cartridge contains a vulnerable version of nanoid-2.1.11.tgz. Vulnerability Details: CVEID: CVE-2024-55565. DESCRIPTION: nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version. CWE: CWE-835: Loop with Unreachable Exit Condition...

CVSS 4.3 | AI score 6.7 | EPSS 0.00666
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2025/06/27 11:33 a.m. | 6 views

Security Bulletin: Zipp Path Module Denial of Service via Malformed ZIP File

Summary: zipp is vulnerable to a denial of service, caused by an infinite loop flaw in the Path module. By using a specially crafted zip file, a local attacker could exploit this vulnerability to cause a denial of service condition. Vulnerability Details: CVEID: CVE-2024-5569. DESCRIPTION: zipp is...

CVSS 6.2 | AI score 6.6 | EPSS 0.00236
Exploits: 0 | Affected Software: 1
RedhatCVE
added 2025/06/26 6:17 a.m. | 16 views

CVE-2025-2962

A denial-of-service issue in the dns implementation could cause an infinite loop...

CVSS 7.5 | AI score 7.2 | EPSS 0.00485
Exploits: 1 | References: 1
RedHat Linux
added 2025/06/25 12:16 a.m. | 5 views

Undertow: Infinite loop in SslConduit during close

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates...

CVSS 7.5 | AI score 7.1 | EPSS 0.01771
Exploits: 0 | References: 5
NVD
added 2025/06/24 6:15 a.m. | 5 views

CVE-2025-2962

A denial-of-service issue in the dns implementation could cause an infinite loop...

CVSS 7.5 | EPSS 0.00485
Exploits: 1 | References: 1
OSV
added 2025/06/24 6:15 a.m. | 2 views

CVE-2025-2962

A denial-of-service issue in the dns implementation could cause an infinite loop...

CVSS 7.5 | AI score 5.5 | EPSS 0.00485
Exploits: 1 | References: 1
Cvelist
added 2025/06/24 5:32 a.m. | 7 views

CVE-2025-2962 Infinite loop in dns_copy_qname

A denial-of-service issue in the dns implementation could cause an infinite loop...

CVSS 7.5 | EPSS 0.00485
Exploits: 1 | References: 1
CVE
added 2025/06/24 5:32 a.m. | 28 views

CVE-2025-2962

CVE-2025-2962 affects Zephyr RTOS (Zephyr project)

CVSS 7.5 | AI score 7.5 | EPSS 0.00485
Exploits: 1 | References: 1 | Affected Software: 1
Vulnrichment
added 2025/06/24 5:32 a.m. | 4 views

CVE-2025-2962 Infinite loop in dns_copy_qname

A denial-of-service issue in the dns implementation could cause an infinite loop...

CVSS 7.5 | AI score 7.1 | EPSS 0.00485
Exploits: 1 | References: 1
CNNVD
added 2025/06/24 12:0 a.m. | 2 views

Zephyr Security Vulnerability

Zephyr is an extensible real-time operating system (RTOS) open-sourced by Zephyr. A security vulnerability exists in Zephyr 4.1 and earlier versions, which stems from a flawed DNS implementation that could lead to an infinite loop...

CVSS 7.5 | AI score 6.6 | EPSS 0.00485
Exploits: 1 | References: 2
Positive Technologies
added 2025/06/24 12:0 a.m. | 7 views

PT-2025-26697 · Zephyrproject Rtos · Zephyr

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A denial-of-service issue in the dns implementation could cause an infinite loop. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

CVSS 7.5 | AI score 6.2 | EPSS 0.00485
Exploits: 1 | References: 5
RedhatCVE
added 2025/06/19 11:44 p.m. | 3 views

CVE-2022-50008

In the Linux kernel, the following vulnerability has been resolved: kprobes: don't call disarm_kprobe() for disabled kprobes. The assumption in __disable_kprobe() is wrong, and it could try to disarm an already disarmed kprobe and fire the WARN_ONCE() below. [0] We can easily reproduce this issue. 1. Write 0 t...

CVSS 4.1 | AI score 7.3 | EPSS 0.00204
Exploits: 0 | References: 4
SUSE CVE
added 2025/06/19 3:44 a.m. | 2 views

SUSE CVE-2022-50008

In the Linux kernel, the following vulnerability has been resolved: kprobes: don't call disarm_kprobe() for disabled kprobes. The assumption in __disable_kprobe() is wrong, and it could try to disarm an already disarmed kprobe and fire the WARN_ONCE() below. [0] We can easily reproduce this issue. 1. Write 0 t...

CVSS 5.5 | AI score 6.4 | EPSS 0.00204
Exploits: 0 | References: 10
NVD
added 2025/06/18 11:15 a.m. | 4 views

CVE-2022-50008

In the Linux kernel, the following vulnerability has been resolved: kprobes: don't call disarm_kprobe() for disabled kprobes. The assumption in __disable_kprobe() is wrong, and it could try to disarm an already disarmed kprobe and fire the WARN_ONCE() below. [0] We can easily reproduce this issue. 1. Write 0 t...

CVSS 5.5 | EPSS 0.00204
Exploits: 0 | References: 8
Cvelist
added 2025/06/18 11:1 a.m. | 5 views

CVE-2022-50008 kprobes: don't call disarm_kprobe() for disabled kprobes

In the Linux kernel, the following vulnerability has been resolved: kprobes: don't call disarm_kprobe() for disabled kprobes. The assumption in __disable_kprobe() is wrong, and it could try to disarm an already disarmed kprobe and fire the WARN_ONCE() below. [0] We can easily reproduce this issue. 1. Write 0 t...

EPSS 0.00204
Exploits: 0 | References: 8