Lucene search

5231 matches found

OSV
added 2021/08/25 9:0 p.m. | 10 views

GHSA-39VW-QP34-RMWF Uncontrolled recursion leads to abort in deserialization

Affected versions of this crate did not properly check for recursion while deserializing aliases. This allows an attacker to make a YAML file with an alias referring to itself causing an abort. The flaw was corrected by checking the recursion depth...

6.9 AI score
Exploits 0 | References 4
GitHub Security Blog
added 2021/08/25 9:0 p.m. | 16 views

Uncontrolled recursion leads to abort in deserialization

Affected versions of this crate did not properly check for recursion while deserializing aliases. This allows an attacker to make a YAML file with an alias referring to itself causing an abort. The flaw was corrected by checking the recursion depth...

6.7 AI score
Exploits 0 | References 4 | Affected Software 1
GitHub Security Blog
added 2021/08/25 8:44 p.m. | 27 views

Uncontrolled recursion in ammonia

An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization...

7.5 CVSS | 2.7 AI score | 0.00366 EPSS
Exploits 0 | References 4 | Affected Software 1
OSV
added 2021/08/25 8:44 p.m. | 18 views

GHSA-5HP8-35WJ-M525 Uncontrolled recursion in ammonia

An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization...

7.5 CVSS | 7.4 AI score | 0.00366 EPSS
Exploits 0 | References 4
OSV
added 2021/08/25 8:43 p.m. | 12 views

GHSA-HV87-47H9-JCVQ Uncontrolled recursion in rust-yaml

Affected versions of this crate did not prevent deep recursion while deserializing data structures. This allows an attacker to make a YAML file with deeply nested structures that causes an abort while deserializing it. The flaw was corrected by checking the recursion depth...

7.5 CVSS | 7.3 AI score | 0.00361 EPSS
Exploits 0 | References 5
GitHub Security Blog
added 2021/08/25 8:43 p.m. | 24 views

Uncontrolled recursion in rust-yaml

Affected versions of this crate did not prevent deep recursion while deserializing data structures. This allows an attacker to make a YAML file with deeply nested structures that causes an abort while deserializing it. The flaw was corrected by checking the recursion depth...

7.5 CVSS | 7.2 AI score | 0.00361 EPSS
Exploits 0 | References 5 | Affected Software 1
OSV
added 2021/08/20 8:8 a.m. | 6 views

SUSE-SU-2021:2789-1 Security update for qemu

This update for qemu fixes the following issues:

Security issues fixed:
- usbredir: free call on invalid pointer in bufpalloc bsc1189145, CVE-2021-3682
- NULL pointer dereference in ESP bsc1180433, CVE-2020-35504 bsc1180434, CVE-2020-35505 bsc1180435, CVE-2020-35506
- NULL pointer dereference iss...

8.5 CVSS | 6.6 AI score | 0.00477 EPSS
Exploits 0 | References 15
Positive Technologies
added 2021/08/17 12:0 a.m. | 4 views

PT-2021-5778 · Ntfs-3G +7

Name of the Vulnerable Software and Affected Versions: NTFS-3G versions prior to 2021.8.22

Description: The issue is related to the ntfs attr pwrite function in the NTFS-3G file system driver, which is affected by uncontrolled recursion. This can be exploited by an attacker using a specially...

7.8 CVSS | 6.4 AI score | 0.08331 EPSS
Exploits 13 | References 344
CNNVD
added 2021/08/11 12:0 a.m. | 1 views

Foxit PDF Reader Resource Management Error Vulnerability

Foxit PDF Reader is a PDF reader from Foxit China. Versions prior to Foxit PDF Reader 11.0.1 and PDF Editor 11.0.1 have a security vulnerability that can be exploited by attackers; it stems from the application allowing the use of stacks during recursive processing of embedded XML nodes...

7.5 CVSS | 5.6 AI score | 0.00018 EPSS
Exploits 0 | References 2
OSV
added 2021/08/10 6:15 p.m. | 0 views

CVE-2021-38380

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over-read. An attacker can leverage this to launch a DoS attack...

7.5 CVSS | 7.6 AI score
Exploits 0 | References 2
UbuntuCve
added 2021/08/10 6:15 p.m. | 30 views

CVE-2021-38380

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over-read. An attacker can leverage this to launch a DoS attack...

7.5 CVSS | 7.4 AI score | 0.00277 EPSS
Exploits 1 | References 3
OSV
added 2021/08/10 6:15 p.m. | 0 views

UBUNTU-CVE-2021-38380

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over-read. An attacker can leverage this to launch a DoS attack...

7.5 CVSS | 7.4 AI score | 0.00277 EPSS
Exploits 1 | References 4
Prion
added 2021/08/10 6:15 p.m. | 18 views

Stack overflow

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over-read. An attacker can leverage this to launch a DoS attack...

5 CVSS | 7.5 AI score | 0.00277 EPSS
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2021/08/10 5:16 p.m. | 11 views

CVE-2021-38380

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over-read. An attacker can leverage this to launch a DoS attack...

7.8 AI score | 0.00277 EPSS
Exploits 1 | References 2
CNNVD
added 2021/08/10 12:0 a.m. | 2 views

Live555 Buffer Error Vulnerability

Live555 is a cross-platform C open source project that provides solutions for streaming media, which implements support for standard streaming media delivery protocols such as RTP/RTCP, RTSP, SIP, etc. A security vulnerability exists in Live555, which stems from improper handling of a large numbe...

7.5 CVSS | 5.9 AI score | 0.00277 EPSS
Exploits 1 | References 3
Tenable Nessus
added 2021/08/06 12:0 a.m. | 41 views

Amazon Linux 2 : curl (ALAS-2021-1693)

The version of curl installed on the remote host is prior to 7.76.1-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1693 advisory. A flaw was found in libcurl from versions 7.29.0 through 7.71.1. An application that performs multiple requests with libcurl...

7.5 CVSS | 6.7 AI score | 0.00742 EPSS
Exploits 3 | References 9
BDU FSTEC
added 2021/08/05 12:0 a.m. | 2 views

The vulnerability of the Moodle management system, related to uncontrolled recursion, allows a hacker to trigger a service failure.

The vulnerability of the Moodle administration system is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to perform a denial-of-service attack by creating a specially crafted URL address...

5 CVSS | 0.00667 EPSS
Exploits 0 | References 4 | Affected Software 1
OSV
added 2021/07/31 11:3 a.m. | 3 views

OESA-2021-1285 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash...

7.5 CVSS | 6.8 AI score | 0.014 EPSS
Exploits 0 | References 2
OpenVAS
added 2021/07/30 12:0 a.m. | 24 views

OpenSSL Multiple Vulnerabilities (20140605 - 1) - Windows

OpenSSL is prone to multiple vulnerabilities. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

7.5 CVSS | 7.8 AI score | 0.94464 EPSS
Exploits 98 | References 3
NVD
added 2021/07/26 12:15 p.m. | 14 views

CVE-2021-22144

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

6.5 CVSS | 0.00211 EPSS
Exploits 0 | References 3