Lucene search
K

124 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.4 views

SUSE CVE-2018-19881

In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service recursive calls followed by a fitz/xml.c fzxmlatt crash from excessive stack consumption via a crafted svg file, as demonstrated by mupdf-gl...

5.5CVSS5.2AI score0.01571EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.4 views

SUSE CVE-2019-6293

An issue was discovered in the function markbeginningasnormal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the markbeginningasnormal function making recursive calls to itself in certain scenarios involving lots of '' characters. Remote attackers could leverage this...

5.5CVSS7.8AI score0.01588EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.2 views

SUSE CVE-2019-20016

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...

6.5CVSS7AI score0.01691EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:48 a.m.4 views

SUSE CVE-2021-3622

A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...

4.3CVSS5.4AI score0.04794EPSS
Exploits1References9
BDU FSTEC
BDU FSTEC
added 2022/04/25 12:0 a.m.7 views

The vulnerability of the Zend/zend_exceptions.c component of the PHP programming language interpreter allows a attacker to cause a service failure.

The vulnerability of the Zend/zendexceptions.c component of the PHP programming language interpreter exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to cause service failures through recursive calls to methods...

7.8CVSS7.4AI score0.03881EPSS
Exploits1References6Affected Software3
OSV
OSV
added 2022/01/11 12:27 p.m.8 views

CLSA-2022-1641904053 Fix of 14 CVEs

CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer...

9.8CVSS6AI score0.0669EPSS
Exploits10References1
CloudLinux
CloudLinux
added 2022/01/11 12:27 p.m.47 views

Fix of 14 CVEs

CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer...

9.8CVSS4.1AI score0.0669EPSS
Exploits10References1
OSV
OSV
added 2021/12/29 3:10 p.m.9 views

CLSA-2021-1640790635 Fixed 14 CVEs in binutils

CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer...

9.8CVSS6.9AI score0.0669EPSS
Exploits10References1
CloudLinux
CloudLinux
added 2021/12/29 3:9 p.m.96 views

Fix of CVE: CVE-2021-45078, CVE-2018-9138, CVE-2018-17985, CVE-2018-12641, CVE-2018-12699, CVE-2018-12698, CVE-2018-12697, CVE-2018-12700, CVE-2018-18484, CVE-2018-18701, CVE-2018-12934, CVE-2018-18700, CVE-2018-17794, CVE-2018-18483

CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer...

7.5CVSS4.1AI score0.0669EPSS
Exploits10References1
ATTACKERKB
ATTACKERKB
added 2021/12/23 9:15 p.m.5 views

CVE-2021-3622

A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...

4.3CVSS5.7AI score0.04794EPSS
Exploits1References8
OSV
OSV
added 2021/12/23 9:15 p.m.3 views

UBUNTU-CVE-2021-3622

A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...

4.3CVSS5.8AI score0.04794EPSS
Exploits1References4
OSV
OSV
added 2021/08/11 10:15 p.m.5 views

CVE-2021-38569

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects...

7.5CVSS7.1AI score0.00961EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/08/11 10:15 p.m.4 views

CVE-2021-38569

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects...

7.5CVSS7.1AI score0.00961EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/07/06 12:0 a.m.48 views

EulerOS Virtualization 3.0.2.2 : perl (EulerOS-SA-2021-2157)

According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment...

8.6CVSS7.4AI score0.11334EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/06/17 11:35 a.m.12 views

curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used

Libcurl offers a wildcard matching functionality, which allows a callback set with CURLOPTCHUNKBGNFUNCTION to return information back to libcurl on how to handle a specific entry in a directory when libcurl iterates over a list of all available entries. When this callback returns...

7.5CVSS7.2AI score0.09917EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2021/06/02 12:53 a.m.6 views

perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls...

7.5CVSS7.1AI score0.05971EPSS
Exploits0References4
OSV
OSV
added 2021/05/26 10:15 p.m.5 views

DEBIAN-CVE-2021-30470

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray, PdfTokenizer::GetNextVariant and PdfTokenizer::ReadDataType functions can lead to a stack overflow...

5.5CVSS6.7AI score0.00691EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2021/05/21 12:0 a.m.209 views

Oracle Linux 6 : perl (ELSA-2021-9238)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9238 advisory. - Backport patch for CVE-2020-10543 Orabug: 32855589 - Backport patch for CVE-2020-10878 Orabug: 32855589 Tenable has extracted the preceding descripti...

8.6CVSS7.1AI score0.11334EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/05/14 7:22 p.m.30 views

CVE-2021-29591 Stack overflow due to looping TFLite subgraph

TensorFlow is an end-to-end open source platform for machine learning. TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be...

7.3CVSS7.9AI score0.00262EPSS
Exploits1References3
CVE
CVE
added 2021/05/14 7:22 p.m.95 views

CVE-2021-29591

TensorFlow/TfLite vulnerability CVE-2021-29591 stems from loops in TFlite subgraphs (example: While) allowing potential infinite recursion and stack exhaustion during evaluation. Affected: TensorFlow/TfLite; root cause: unchecked looping between body and loop subgraphs. Impact described as stack ...

7.8CVSS7.3AI score0.00262EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder