Code injection

In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...

CVE-2017-11164

In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...

CVE-2017-11164

The CVE-2017-11164 entry affects PCRE 8.41 where OP_KETRMAX in the match function (pcre_exec.c) can cause stack exhaustion (uncontrolled recursion) when processing a crafted regular expression. The connected IBM/collection remains at high impact with IBM X-Force CVSS vector showing HIGH/Network/N...

Stack overflow

In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service stack exhaustion in the dissectIODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c...

DEBIAN-CVE-2017-9766

In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service stack exhaustion in the dissectIODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c...

CVE-2017-9766

CVE-2017-9766 : In Wireshark, version 2.2.7 is vulnerable to a denial of service caused by stack exhaustion via PROFINET IO data with excessive recursion. The issue occurs in the dissect_IODWriteReq function (plugins/profinet/packet-dcerpc-pn-io.c). Remote attackers could trigger the vulnerabilit...

About the security content of tvOS 10.2 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

CVE-2017-1000378

The NetBSD qsort function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in...

Apache Thrift Client Library Denial of Service Vulnerability

Apache Thrift is an interface definition language and binary communication protocol for defining and creating services for multiple languages. The Apache Thrift client inventory is vulnerable to a denial of service. A remote authenticated user can cause a denial of service infinite recursion via ...

Design/Logic Flaw

The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service infinite recursion via vectors involving the skip function...

CVE-2015-3254

Removed by vendor...

CVE-2015-3254

Apache Thrift client libraries before 0.9.3 are affected by CVE-2015-3254, which could allow a remote authenticated user to trigger a denial of service via infinite recursion in the skip function. Impact is a partial denial of service (availability affected) with network access and no confidentia...

CVE-2017-9729

In uClibc 0.9.33.2, there is stack exhaustion uncontrolled recursion in the checkdstlimitscalcpos1 function in misc/regex/regexec.c when processing a crafted regular expression...

DEBIAN-CVE-2017-9729

In uClibc 0.9.33.2, there is stack exhaustion uncontrolled recursion in the checkdstlimitscalcpos1 function in misc/regex/regexec.c when processing a crafted regular expression...

PT-2017-6654 · Apache +1 · Apache Thrift +1

Name of the Vulnerable Software and Affected Versions: Apache Thrift versions prior to 0.9.3 Description: The issue allows remote authenticated users to cause a denial of service, specifically through infinite recursion, by exploiting vectors related to the skip function. Recommendations: For...

CVE-2017-9616

In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion uncontrolled recursion in the dissectmp4box function in epan/dissectors/file-mp4.c...

CVE-2017-9616

In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion uncontrolled recursion in the dissectmp4box function in epan/dissectors/file-mp4.c...

UBUNTU-CVE-2017-9617

In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion uncontrolled recursion in the dissectdaaponetag function in epan/dissectors/packet-daap.c in the DAAP dissector...

CVE-2017-9616

CVE-2017-9616 affects Wireshark up to version 2.2.7, where the mp4 dissector (epan/dissectors/file-mp4.c) is vulnerable to stack exhaustion caused by overly deep MP4 box chunks triggering uncontrolled recursion. The description in the Initial Document explicitly identifies this condition and the ...

CVE-2017-9617

In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion uncontrolled recursion in the dissectdaaponetag function in epan/dissectors/packet-daap.c in the DAAP dissector...