Design/Logic Flaw

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

UBUNTU-CVE-2019-0205

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

Loop with Unreachable Exit Condition (Infinite Loop)

In Apache Thrift, a server or client may run into an endless loop when feed with specific input data...

CVE-2019-0205

CVE-2019-0205 affects Apache Thrift up to version 0.12.0, where a server or client may enter an endless loop when fed specific input data. The issue was partially fixed in 0.11.0, and depending on the language binding, only certain bindings are impacted. Exploitation details are not provided in t...

CVE-2019-0205

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

CVE-2019-0205

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

CVE-2019-14207

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object caused by an append error...

CVE-2019-14207

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object caused by an append error...

Design/Logic Flaw

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object caused by an append error...

CVE-2019-14207

CVE-2019-14207 affects Foxit PhantomPDF prior to 8.3.11. The issue is a crash caused by an infinite loop in the clone function, arising from confused relationships between a child and parent object due to an append error. This results in a denial of service-like crash when cloning objects. The vu...

CVE-2019-14207

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object caused by an append error...

Malicious Package

destroyer-of-worlds is a malicious package. A malicious bash script resides in the package which will execute as a postinstall script. The script deletes system files and creates a large file, fork bomb and an endless loop in an attempt to crash the host...

CVE-2017-3140

If named is configured to use Response Policy Zones RPZ an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-9.11.1, 9.9.10-S1, 9.10.5-S1...

ALPINE-CVE-2017-3140

If named is configured to use Response Policy Zones RPZ an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-9.11.1, 9.9.10-S1, 9.10.5-S1...

UBUNTU-CVE-2017-3140

If named is configured to use Response Policy Zones RPZ an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-9.11.1, 9.9.10-S1, 9.10.5-S1...

[ASA-201901-1] tar: denial of service

Arch Linux Security Advisory ASA-201901-1 ========================================= Severity: Low Date : 2019-01-08 CVE-ID : CVE-2018-20482 Package : tar Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-841 Summary ======= The package tar before version 1.31-1 is...

CVE-2018-19826

In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop containing a Sass::Inspect::operatorSass::StringQuoted stack frame may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue is closed ...

Security update for unzip (moderate)

This update for unzip fixes the following security issues: - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption bsc1013993 - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to...

MGASA-2018-0223 Updated libid3tag packages fix security vulnerabilities

id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service DoS. CVE-2004-2779 field.c in the libid3tag 0.15.0b library...

Updated libid3tag packages fix security vulnerabilities

id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service DoS. CVE-2004-2779 field.c in the libid3tag 0.15.0b library...