UBUNTU-CVE-2018-16426

Endless recursion when handling responses from an IAS-ECC card in iaseccselectfile in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs...

USN-3683-1: Bind vulnerability

Andrew Skalski discovered that Bind could incorrectly enable recursion when the "allow-recursion" setting wasn't specified. This issue could improperly permit recursion to all clients, contrary to expectations...

UBUNTU-CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...

UBUNTU-CVE-2017-7515

poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service...

CVE-2017-8054

The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service infinite recursion and application crash via a crafted PDF document...

PT-2017-10687 · Nextcloud · Nextcloud Server

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 9.0.55 Nextcloud Server versions prior to 10.0.2 Description: The issue allows an authenticated adversary to trigger an endless recursion in the application, leading to a potential Denial of Service attack d...

UBUNTU-CVE-2016-6874

The arrayrecursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, related to recursion...

CVE-2016-9626

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page...

CVE-2016-9439

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page...

CVE-2016-9626

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page...

CVE-2016-9439

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page...

PT-2016-3397 · Php +2 · Php +2

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.4.44 PHP versions 5.5.x prior to 5.5.28 PHP versions 5.6.x prior to 5.6.12 Description: The issue is related to a stack consumption problem in the Zend/zend exceptions.c component of PHP, caused by insufficient input...

SUSE-SU-2016:1204-1 Security update for libxml2

This update for libxml2 fixes two security issues: - libxml2 limits the number of recursions an XML document can contain so to protect against the 'Billion Laughs' denial-of-service attack. Unfortunately, the underlying counter was not incremented properly in all necessary locations. Therefore,...

DEBIAN-CVE-2015-2328

PCRE before 8.36 mishandles the /?Ra|?1+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

CVE-2015-6806

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service stack consumption via an escape sequence with a large repeat count value...

EUVD-2014-7962

softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service CPU consumption or crash via unspecified vectors...

CVE-2011-1754

jabberd14 1.6.1.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564...

mingw32-libxml2: Stack overflow by parsing root XML element DTD definition

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the...

recursion causes OOM with bad DN in dn2ancestor

dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service CPU and memory consumption via a ModDN operation with a DN that contains a large number of "," comma characters, which results in a large amount of recursion, as demonstrated usin...

CVE-2002-1902

CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service infinite recursion by creating a message board post that is a child of an outdated parent...