247 matches found

RustSec
added 2022/05/21 12:0 p.m. · 22 views

Stack overflow during recursive expression parsing

When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. The flaw was corrected in commits 60aa2dc03a by adding a check ...

CVSS 6.5 · AI score 3.4 · EPSS 0.00521
Exploits: 0 · Affected Software: 1

RedhatCVE
added 2022/05/20 10:45 p.m. · 14 views

CVE-2020-36429

Variant_encodeJson in open62541 1.x before 1.0.4 has an out-of-bounds write for a large recursion depth...

CVSS 6.5 · AI score 2.3 · EPSS 0.00078
Exploits: 0 · References: 1

Github Security Blog
added 2021/08/25 9:0 p.m. · 14 views

Uncontrolled recursion leads to abort in deserialization

Affected versions of this crate did not properly check for recursion while deserializing aliases. This allows an attacker to make a YAML file with an alias referring to itself causing an abort. The flaw was corrected by checking the recursion depth...

AI score 6.7
Exploits: 0 · References: 4 · Affected Software: 1

NVD
added 2021/07/20 7:15 a.m. · 12 views

CVE-2020-36429

Variant_encodeJson in open62541 1.x before 1.0.4 has an out-of-bounds write for a large recursion depth...

CVSS 5.5 · EPSS 0.00078
Exploits: 0 · References: 4

OSV
added 2021/07/20 7:15 a.m. · 9 views

CVE-2020-36429

Variant_encodeJson in open62541 1.x before 1.0.4 has an out-of-bounds write for a large recursion depth...

CVSS 5.5 · AI score 7
Exploits: 0 · References: 4

CNNVD
added 2021/07/20 12:0 a.m. · 2 views

open62541 Buffer Error Vulnerability

open62541 is an application software. An open source and free implementation of OPC UA (OPC Unified Architecture), written in a common subset of the C99 and C++98 languages. A security vulnerability exists in open62541 prior to 1.0.4, which stems from the fact that X has out-of-bounds writes for...

CVSS 5.5 · AI score 5.8 · EPSS 0.00078
Exploits: 0 · References: 4

OpenVAS
added 2021/06/09 12:0 a.m. · 19 views

SUSE: Security Advisory (SUSE-SU-2015:0488-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 8.7 · EPSS 0.48217
Exploits: 0 · References: 2

Positive Technologies
added 2021/05/14 12:0 a.m. · 1 views

PT-2021-18342 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: TensorFlow is an end-to-end open source...

CVSS 7.8 · AI score 7.5 · EPSS 0.00022
Exploits: 1 · References: 16

CNVD
added 2020/08/11 12:0 a.m. · 1 views

Huawei Mate 30 Denial of Service Vulnerability

Huawei Mate 30 is a smartphone from Huawei. A denial of service vulnerability exists in versions prior to Huawei Mate 30 10.1.0.150 C00E136R5P3. The vulnerability stems from the system not properly limiting the recursion depth. An attacker can exploit the vulnerability to cause a denial of servic...

CVSS 5.5 · AI score 6.6 · EPSS 0.00077
Exploits: 0 · References: 1

NVD
added 2020/08/10 8:15 p.m. · 6 views

CVE-2020-9243

HUAWEI Mate 30 with versions earlier than 10.1.0.150C00E136R5P3 have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service...

CVSS 5.5 · AI score 5.5 · EPSS 0.00077
Exploits: 0 · References: 1

OSV
added 2020/08/10 8:15 p.m. · 0 views

CVE-2020-9243

HUAWEI Mate 30 with versions earlier than 10.1.0.150C00E136R5P3 have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service...

CVSS 5.5 · AI score 6.1
Exploits: 0 · References: 1

Huawei
added 2020/08/05 12:0 a.m. · 24 views

Security Advisory - Denial of Service Vulnerability in Several Smartphones

There is a denial of service vulnerability in several smartphones. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition. Vulnerability ID:...

CVSS 5.5 · AI score 5.5 · EPSS 0.00077
Exploits: 0 · Affected Software: 1

OSV
added 2018/09/17 12:0 p.m. · 16 views

RUSTSEC-2018-0006 Uncontrolled recursion leads to abort in deserialization

Affected versions of this crate did not prevent deep recursion while deserializing data structures. This allows an attacker to make a YAML file with deeply nested structures that causes an abort while deserializing it. The flaw was corrected by checking the recursion depth. Note: clap 2.33 is not...

CVSS 7.5 · AI score 7.5 · EPSS 0.00361
Exploits: 0 · References: 3

NVD
added 2018/07/09 9:29 p.m. · 11 views

CVE-2018-13795

Gravity before 0.5.1 does not support a maximum recursion depth...

CVSS 7.5 · AI score 7.5 · EPSS 0.00334
Exploits: 1 · References: 1

OSV
added 2018/07/09 9:29 p.m. · 9 views

CVE-2018-13795

Gravity before 0.5.1 does not support a maximum recursion depth...

CVSS 7.5 · AI score 6.9
Exploits: 0 · References: 1

Prion
added 2018/07/09 9:29 p.m. · 10 views

Design/Logic Flaw

Gravity before 0.5.1 does not support a maximum recursion depth...

CVSS 5 · AI score 7.5 · EPSS 0.00334
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2018/07/09 9:0 p.m. · 34 views

CVE-2018-13795

CVE-2018-13795 affects Gravity prior to 0.5.1. The issue is described as: Gravity before 0.5.1 does not support a maximum recursion depth. Connected sources list Gravity-specific references with this description; no additional technical details (root cause, affected versions beyond the pre-0.5.1 ...

CVSS 7.5 · AI score 7.5 · EPSS 0.00334
Exploits: 1 · References: 1 · Affected Software: 1

RedhatCVE
added 2018/04/10 2:21 p.m. · 29 views

CVE-2018-9256

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth...

CVSS 7.5 · AI score 2.5 · EPSS 0.00739
Exploits: 1 · References: 1

OSV
added 2018/04/04 7:29 a.m. · 1 views

DEBIAN-CVE-2018-9262

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth...

CVSS 7.5 · AI score 8.8 · EPSS 0.0056
Exploits: 1 · References: 1

Prion
added 2018/04/04 7:29 a.m. · 15 views

Design/Logic Flaw

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth...

CVSS 5 · AI score 7.3 · EPSS 0.00739
Exploits: 1 · References: 4 · Affected Software: 2