1055 matches found
CVE-2026-2887
A security vulnerability has been detected in aardappel lobster up to 2025.4. This impacts the function lobster::TypeName in the library dev/src/lobster/idents.h. Such manipulation leads to uncontrolled recursion. The attack can only be performed from a local environment. The exploit has been...
CVE-2026-2887 aardappel lobster idents.h TypeName recursion
A security vulnerability has been detected in aardappel lobster up to 2025.4. This impacts the function lobster::TypeName in the library dev/src/lobster/idents.h. Such manipulation leads to uncontrolled recursion. The attack can only be performed from a local environment. The exploit has been...
Lobster 安全漏洞
Lobster is a programming language developed by Wouter van Oortmerssen. Versions of Lobster prior to 2.25 contain security vulnerabilities, which stem from uncontrolled recursion in the lobster::TypeName function...
CVE-2026-2641
A weakness has been identified in universal-ctags ctags up to 6.2.1. The affected element is the function parseExpression/parseExprList of the file parsers/v.c of the component V Language Parser. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack on t...
CVE-2026-2641
A weakness has been identified in universal-ctags ctags up to 6.2.1. The affected element is the function parseExpression/parseExprList of the file parsers/v.c of the component V Language Parser. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack on t...
CVE-2026-2641
CVE-2026-2641 affects universal-ctags ctags up to 6.2.1. The vulnerability lies in the V Language Parser’s component, specifically the function sequence in parsers/v.c (parseExpression/parseExprList). Manipulating input can trigger uncontrolled recursion, allowing a local attacker to exploit it o...
PT-2026-20354
A weakness has been identified in universal-ctags ctags up to 6.2.1. The affected element is the function parseExpression/parseExprList of the file parsers/v.c of the component V Language Parser. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack on t...
Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple issues
Summary Multiple vulnerabilities affect IBM Sterling External Authentication Server and are addressed in the latest release and fixpack Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang:...
Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2025-39795)
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
ROS-20260216-73-0045
Vulnerability in opensearch related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in commons-lang-2.6.jar
Summary IBM Watson Discovery Cartridge affected by vulnerability in commons-lang-2.6.jar Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6,...
ROS-20260203-73-0009
A vulnerability in the mtkstaremac.c component of the Linux operating system kernel is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CVE-2025-36001
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion...
CVE-2025-36001
CVE-2025-36001 affects IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) - versions 11.5.0–11.5.9 and 12.1.0–12.1.3. The issue allows an authenticated user to cause a denial of service by sending a specially crafted SQL statement that includes XML and triggers uncontrolled recurs...
CVE-2025-36001 IBM Db2 Denial of Service
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion...
Uncontrolled Recursion
Overview org.webjars.npm:eslint is a pluggable linting utility for JavaScript and JSX Affected versions of this package are vulnerable to Uncontrolled Recursion in the isSerializable function when handling objects with circular references during the serialization process. An attacker can cause th...
Uncontrolled Recursion
Overview eslint is a pluggable linting utility for JavaScript and JSX Affected versions of this package are vulnerable to Uncontrolled Recursion in the isSerializable function when handling objects with circular references during the serialization process. An attacker can cause the application to...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the lookuphandlecname function when processing an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonical name are identical. An attacker can cause a crash and exhaust the...
CVE-2026-24401 Avahi has Uncontrolled Recursion in lookup_handle_cname function
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the ParseDict function, when handling deeply nested google.protobuf.Any messages. An attacker can bypass maxrecursiondepth to exhaust the recursion stack and trigger a RecursionError. Remediation Upgrade protob...