CVE-2016-6873

Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors...

Design/Logic Flaw

Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors...

UBUNTU-CVE-2016-6873

Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors...

CVE-2016-6875

Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors...

CVE-2016-6873

CVE-2016-6873 affects Facebook HHVM before 3.15.0. The vulnerability is caused by self recursion in the compact function, leading to unspecified impact via unknown vectors. Public records (NVD/NSS OSV) describe a high-severity, network-exploitable issue with potential partial confidentiality/inte...

CVE-2016-6874

CVE-2016-6874 affects Facebook HHVM (before 3.15.0) via the array_*_recursive functions, enabling unspecified impact through recursion. The available connected docs confirm the affected component and root cause (recursion in specific functions) but do not provide concrete exploit details, vectors...

CVE-2016-6873

Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors...

CVE-2016-6874

The arrayrecursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, related to recursion...

CVE-2016-6875

CVE-2016-6875 corresponds to an infinite recursion in WDDX handling in Facebook HHVM prior to 3.15.0. The vulnerability statement notes an unspecified impact via unknown vectors. The linked metrics assign a high base score (CVSSv2: 7.5; CVSSv3: 9.8) with network access and low attack complexity, ...

ALPINE-CVE-2017-5839

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service stack overflow and crash via vectors involving nested WAVEFORMATEX...

UBUNTU-CVE-2017-5839

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service stack overflow and crash via vectors involving nested WAVEFORMATEX...

Denial Of Service (DoS) Through Recursion

OpenSSL is vulnerable to denial of service DoS attacks. These attacks can be made using an invalid DTLS handshake causing OpenSSL to go into a recursive loop...

Denial of Service attack (NC-SA-2017-004)

Due to an error in the application logic an authenticated adversary may trigger an endless recursion in the application leading to a potential Denial of Service...

Denial Of Service (DoS)

Jansson is vulnerable to denial of service DoS attacks. These attacks are possible though JSON data, causing deep recursion, stack consumption and eventually crashing the application...

shopify-scripts: Recursion causing uninitialized memory reads leading to a segfault

The following code produces a segfault without causing a stack overflow, affecting the sandbox: def fnn return ensure if n == 0 else fnn-1 end end fn24 When the n parameter is less than 24, there is no segfault. However, investigating with a memory sanitizer shows that uninitialized read errors...

F5 Networks BIG-IP : libxml2 vulnerabilities (K54225343)

CVE-2016-3627 The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service infinite recursion, stack consumption, and application crash via a crafted XML document CVE-2016-3705 The 1...

libxml2: stack overflow before detecting invalid XML file

Missing incrementation of recursion depth counter were found in the xmlParserEntityCheck and xmlParseAttValueComplex functions used for parsing XML data. An attacker could launch a Denial of Service attack by passing specially crafted XML data to an application, forcing it to crash due to stack...

CVE-2016-9933

An infinite recursion flaw was found in the gdImageFillToBorder function from the gd library; also used by PHP imagefilltoborder function, when passing a negative integer as the color parameter, triggering a stack overflow. A remote attacker with ability to force a negative color identifier when...

DEBIAN-CVE-2016-9626

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page...

CVE-2016-9626

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page...