316 matches found
CVE-2022-2833
Technical details about CVE-2022-2833 are not publicly available in the provided documents. Monitor for updates from vendors/security advisories.
CVE-2022-2833
Endless Infinite loop in Blender-thumbnailing due to logical bugs...
CVE-2022-35724
CVE-2022-35724 affects Rust applications using the Apache Avro Rust SDK prior to 0.14.0. The issue allows crafted input data to cause the reader to loop in cycles, consuming CPU and enabling denial of service. The fix is upgrading to apache-avro version 0.14.0 (or later). No exploitation details ...
Out-Of-Bounds Read
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...
DEBIAN-CVE-2022-27781
libcurl provides the CURLOPT_CERTINFO option to allow applications to request details to be returned about a server's certificate chain. Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that information...
GHSA-RJ7P-RFGP-852X Loop with Unreachable Exit Condition in Apache Thrift
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when fed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...
Loop with Unreachable Exit Condition in Apache Thrift
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when fed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...
GHSA-7PWF-JG34-HXWP Improper path handling in Kustomization files allows for denial of service
The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user can use a specially crafted kustomization.yaml to cause Denial of Service at controller level. In multi-tenancy deployments this can lead to multiple...
Improper path handling in Kustomization files allows for denial of service
The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user can use a specially crafted kustomization.yaml to cause Denial of Service at controller level. In multi-tenancy deployments this can lead to multiple...
GSD-2022-1001433 gfs2: Fix gfs2_file_buffered_write endless loop workaround
gfs2: Fix gfs2_file_buffered_write endless loop workaround. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...
The vulnerability of the RTMPT traffic analyzer of Wireshark allows a hacker to cause a service failure.
The vulnerability of the RTMPT traffic analyzer in Wireshark relates to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending specially crafted packets...
SUSE-SU-2022:0577-1 Security update for php72
This update for php72 fixes the following issues: - CVE-2015-9253: Fixed endless loop when the master process restarts a child process using program execution functions (bsc#1081790). - CVE-2017-8923: Fixed denial of service (application crash) when using .= with a long string zend_string_extend func in...
Use After Free
libpjsip.so is affected by a use-after-free vulnerability. This vulnerability is due to the usage of invalid inputs in the pjsip_ua_unregister_dlg function in the sip_ua_layer.c file, allowing registration to the hash table multiple times with different keys, resulting in dialog list collision and leading to an...
ALPINE-CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
UBUNTU-CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
Denial of service
An issue was discovered in Zammad before 4.1.1. An attacker with valid agent credentials may send a series of crafted requests that cause an endless loop and thus cause denial of service...
CVE-2021-39194
kaml is an open source implementation of the YAML format with support for kotlinx.serialization. In affected versions attackers that could provide arbitrary YAML input to an application that uses kaml could cause the application to endlessly loop while parsing the input. This could result in...
Design/Logic Flaw
kaml is an open source implementation of the YAML format with support for kotlinx.serialization. In affected versions attackers that could provide arbitrary YAML input to an application that uses kaml could cause the application to endlessly loop while parsing the input. This could result in...
ISC BIND DoS Vulnerability (CVE-2017-3140) - Windows
ISC BIND is prone to a denial of service (DoS) vulnerability.
Denial Of Service
xstream is vulnerable to Denial Of Service. An attacker can manipulate the processed input stream and replace or inject objects that result in an endless loop, causing denial of service...