CVE-2024-13930 Authenticated Unchecked Loop Condition

An Unchecked Loop Condition in ASPECT provides an attacker the ability to maliciously consume system resources if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

RT-Labs P-Net 安全漏洞

RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which stems from an unchecked loop condition that can be...

GHSA-GM2P-WF5C-W3PJ Infinite loop condition in Amazon.IonDotnet

Summary Amazon.IonDotnet ion-dotnet is a .NET library with an implementation of the Ion data serialization format. An issue exists in Amazon.IonDotnet and the RawBinaryReader class where, under certain conditions, an actor could trigger an infinite loop condition. Impact When reading binary Ion...

CVE-2024-43366

zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to version 1.5.3, since LLL IR has no Turing-incompletness restrictions, it is compiled to a loop with a much more late exit condition. It leads to a loss of funds or other unwanted behavior if the loop body contains it. However,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the imx8mpblkctrlremove function not properly checking a loop condition when removing a device, which could...

CVE-2024-53134 pmdomain: imx93-blk-ctrl: correct remove path

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i onecelldata.numdomains', not 'bc-onecelldata.numdomains' which will make the look never finish and cause kernel panic. Also disable runtime to address...

Unchecked Input for Loop Condition

Overview System.Formats.Nrbf is a package that exposes only one component: NrbfDecoder: a stateless, forward-only decoder class that can decode .NET Remoting Binary Format NRBF binary data from a stream. Affected versions of this package are vulnerable to Unchecked Input for Loop Condition via th...

kernel: drm/amd/display: fixed integer types and null check locations

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations why: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check...

UBUNTU-CVE-2022-48780

In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies of these callback...

The vulnerability of the bson_utf8_validate() function in the MongoDB C-Driver’s database management system allows a attacker to cause a service failure.

The vulnerability of the bsonutf8validate function in the MongoDB C-Driver database management system driver is related to a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...

DEBIAN-CVE-2024-26767

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations why: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check...

UBUNTU-CVE-2024-26767

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations why: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check...

The vulnerability of the Snort module of the microprogramming software for Cisco Firepower Threat Defense (FTD) allows a perpetrator to trigger a service failure.

The vulnerability of the Snort module of the Cisco Firepower Threat Defense FTD software lies in the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

CVE-2023-46737

A flaw was found in the cosign package. A attacker with control of a compromised registry or with privileges to make requests to the cluster can create a specific request that will trigger an infinite loop condition, resulting in a denial of service. Mitigation Mitigation for this issue is either...

No way out of the loop if operator not active

Lines of code Vulnerability details Impact There is no way out of the loop if operator not active. do if !operatorStructByIdi.active continue; uint256 remainingCapacity = validatorPerOperatorGreaterThanZero ? remainingOperatorCapacityi : getOperatorQueuedValidatorCounti; uint256 newSelectedCapaci...

byacc 安全漏洞

byacc is an open source syntax parser generation tool from openeuler. A security vulnerability exists in openEuler byacc, which stems from a dead loop in the nextinline function of the morecurly function when processing a file...

CVE-2023-22409

An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service DoS. When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a...

Race condition

An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service DoS. When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that results in a denial of service due to an...

CVE-2023-22409 Junos OS: SRX Series, MX Series with SPC3: When an inconsistent NAT configuration exists and a specific CLI command is issued the SPC will reboot

An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service DoS. When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a...