13670 matches found
BIT-PILLOW-2026-59203 Pillow EpsImagePlugin negative %%BeginBinary byte count causes infinite loop denial of service
Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open to seek backwards to the same directive and parse it repeatedly in an infinite...
CVE-2026-54119
Loop with unreachable exit condition 'infinite loop' in Windows Active Directory allows an unauthorized attacker to deny service over a network...
CVE-2026-50653
CVE-2026-50653 describes an infinite loop with an unreachable exit condition in Azure Active Directory that can allow a network-based denial of service. The provided documents confirm the issue and its impact as a denial of service via network, but do not include specific exploitation details, af...
CVE-2026-54119
CVE-2026-54119 describes a loop with an unreachable exit condition in Windows Active Directory that can be exploited to cause a network-based denial of service by an unauthorized attacker. The affected component is Windows Active Directory; the vulnerability stems from an infinite loop, leading t...
DEBIAN-CVE-2026-59203
Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open to seek backwards to the same directive and parse it repeatedly in an infinite...
CVE-2026-62642
The data identifies Roundcube Webmail as affected. Vulnerable component: the TNEF decoder, with an infinite loop leading to denial of service when opening emails containing TNEF attachments. Affected versions are Roundcube Webmail before 1.6.17 and before 1.7.2 (1.7.x). Remediation: upgrade to Ro...
CVE-2026-59203 Pillow EpsImagePlugin negative %%BeginBinary byte count causes infinite loop denial of service
Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open to seek backwards to the same directive and parse it repeatedly in an infinite...
CVE-2026-59203 Pillow EpsImagePlugin negative %%BeginBinary byte count causes infinite loop denial of service
Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open to seek backwards to the same directive and parse it repeatedly in an infinite...
Security Bulletin: IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service (CVE-2026-7771)
Summary IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service. Vulnerability Details CVEID:CVE-2026-7771 DESCRIPTION: IBM Db2 is vulnerable to a trap when compiling a specially crafted statements containing subqueries...
PT-2026-58091
Name of the Vulnerable Software and Affected Versions Pillow versions 12.0.0 through 12.2.0 Description The EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count within the %%BeginBinary directive. A specially crafted EPS file can trigger the Image.open function to seek backwards to t...
PT-2026-58210
Name of the Vulnerable Software and Affected Versions Azure Active Directory versions prior to 8.19.2 Description An infinite loop occurs when an unreachable exit condition is triggered, allowing an unauthorized attacker to remotely cause a denial of service over a network. Recommendations Update...
CVE-2026-59935
A flaw was found in pypdf, a pure-python PDF library. A remote attacker can craft a malicious PDF file containing an unterminated inline image within the page content stream. When this crafted PDF is parsed, it can lead to an infinite loop, resulting in a denial of service DoS due to resource...
Loop with Unreachable Exit Condition in GNU patch
...
CVE-2026-59874
A flaw was found in node-tar, a tar archive manipulation library for Node.js. A remote attacker could exploit this vulnerability by providing a specially crafted tar archive with a negative entry size in its header. This malformed header causes the archive scanner to enter an infinite loop,...
CVE-2026-55865
Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...
EUVD-2026-38358
pypdf: Possible infinite loop when processing threads/articles in writer...
CVE-2026-55865
Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...
CVE-2026-55865
CVE-2026-55865 concerns the Python Liquid template engine. Before version 2.2.1, a malformed {% case %} tag without a corresponding {% when %} or {% else %} and without a terminating {% endcase %} could cause an infinite loop during parsing, due to an incorrect EOF token handling in liquid.TokenS...
CVE-2026-55865 Python Liquid: Infinite loop when parsing malformed `{% case %}` tags
Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...
DEBIAN-CVE-2026-56289
GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...