81 matches found

BDU FSTEC
added 2022/08/26 12:0 a.m., 5 views

The vulnerability of the encode_structured_data method in the PyPI eth-account package allows an attacker to cause a service failure.

The vulnerability of the encode_structured_data method in the PyPI package eth-account is related to incorrect data input used as a condition for loop execution. Exploiting this vulnerability could allow an attacker to cause service failures...

7.8 CVSS, 7.2 AI score, 0.0078 EPSS
Exploits: 1, References: 4, Affected Software: 1
BDU FSTEC
added 2022/05/30 12:0 a.m., 3 views

The vulnerability in the implementation of the CURLOPT_CERTINFO option for SSL certificates in the cURL command-line utility allows an attacker to cause a service failure.

The vulnerability in the implementation of the CURLOPT_CERTINFO option for SSL certificates in the cURL command-line utility is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a remote attacker to cause service failures...

5.3 CVSS, 7.1 AI score, 0.02434 EPSS
Exploits: 1, References: 13, Affected Software: 6
OSV
added 2022/04/24 10:29 p.m., 9 views

GSD-2022-1002281 f2fs: quota: fix loop condition at f2fs_quota_sync()

f2fs: quota: fix loop condition at f2fs_quota_sync(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.189 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/04/24 10:15 p.m., 11 views

GSD-2022-1002141 f2fs: quota: fix loop condition at f2fs_quota_sync()

f2fs: quota: fix loop condition at f2fs_quota_sync(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/04/24 9:55 p.m., 11 views

GSD-2022-1001930 f2fs: quota: fix loop condition at f2fs_quota_sync()

f2fs: quota: fix loop condition at f2fs_quota_sync(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/04/24 9:29 p.m., 9 views

GSD-2022-1001622 f2fs: quota: fix loop condition at f2fs_quota_sync()

f2fs: quota: fix loop condition at f2fs_quota_sync(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...

7.2 AI score
Exploits: 0
OSV
added 2022/04/24 9:4 p.m., 15 views

GSD-2022-1001319 f2fs: quota: fix loop condition at f2fs_quota_sync()

f2fs: quota: fix loop condition at f2fs_quota_sync(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

7.2 AI score
Exploits: 0
BDU FSTEC
added 2022/04/19 12:0 a.m., 3 views

The vulnerability of the X509_verify_cert() function in the OpenSSL library, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.

The vulnerability of the X509_verify_cert() function in the OpenSSL library is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8 CVSS, 7.5 AI score, 0.50099 EPSS
Exploits: 0, References: 4, Affected Software: 2
BDU FSTEC
added 2022/04/05 12:0 a.m., 11 views

The vulnerability of the Exiv2 metadata management library, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.

The vulnerability of the Exiv2 media metadata management library lies in the execution of a loop with an unreachable exit condition. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created image file...

7.1 CVSS, 6.7 AI score, 0.01104 EPSS
Exploits: 0, References: 11, Affected Software: 5
BDU FSTEC
added 2021/06/23 12:0 a.m., 2 views

The vulnerability in the configuration of Junos OS operating system-based ACX5800, EX9200, MX10000, MX240, MX480, and MX960 routers allows an attacker to cause service interruptions.

The vulnerability of the configuration of Junos OS operating system routers of the ACX5800, EX9200, MX10000, MX240, MX480, and MX960 series is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a malicious actor to cause service failures...

5.3 CVSS, 6 AI score, 0.01003 EPSS
Exploits: 0, References: 3, Affected Software: 1
BDU FSTEC
added 2021/04/06 12:0 a.m., 5 views

The vulnerability of the `n_tty_receive_char_special` function in Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the `n_tty_receive_char_special` function in Linux operating systems is related to incorrect data input used as a condition for loop execution. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5 CVSS, 6.5 AI score, 0.00401 EPSS
Exploits: 0, References: 5, Affected Software: 2
OSV
added 2020/12/08 10:15 p.m., 22 views

CVE-2020-25674

WriteOnePNGImage from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...

5.5 CVSS, 6.4 AI score
Exploits: 0, References: 3
RedhatCVE
added 2020/11/24 7:23 p.m., 12 views

CVE-2020-25674

A flaw was found in ImageMagick. When the colormap has less than 256 valid values, the loop condition will continue to loop 256 times, attempting to pass invalid colormap data to the event logger, leading to an improper exit condition and an out-of-bounds read via heap-buffer-overflow. The highes...

5.5 CVSS, 1.6 AI score, 0.01016 EPSS
Exploits: 1, References: 3
Kitploit
added 2020/06/18 12:30 p.m., 151 views

SGN - Encoder Ported Into Go With Several Improvements

SGN is a polymorphic binary encoder for offensive security purposes such as generating statically undetectable binary payloads. It uses an additive feedback loop to encode given binary instructions similar to LFSR. This project is the reimplementation of the original Shikata ga nai in golang with...

7.3 AI score
Exploits: 0, References: 3
RedHat Linux
added 2019/09/02 7:46 a.m., 4 views

JDK: Failure to privatize a value pulled out of the loop by versioning

All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the...

7.4 CVSS, 5.9 AI score, 0.01468 EPSS
Exploits: 0, References: 4
Tenable Nessus
added 2017/07/21 12:0 a.m., 37 views

Wireshark 2.2.x < 2.2.8 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.8. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.8 advisory. - In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust...

7.8 CVSS, 6.9 AI score, 0.03315 EPSS
Exploits: 0, References: 20
Exploit DB
added 2017/04/04 12:0 a.m., 49 views

Apple macOS/iOS Kernel 10.12.3 (16D32) - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1111 SIOCSIFORDER and SIOCGIFORDER allow userspace programs to build and maintain the ifnet_ordered_head linked list of interfaces. SIOCSIFORDER clears the existing list and allows userspace to specify an array of interface indexes...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2016/05/18 12:0 a.m., 1063 views

HP System Management Homepage Multiple Vulnerabilities (HPSBMU03593)

According to its banner, the version of HP System Management Homepage (SMH) hosted on the remote web server is affected by the following vulnerabilities: - A denial of service vulnerability exists in the Apache HTTP Server due to the lack of the mod_reqtimeout module. An unauthenticated, remote...

10 CVSS, 7.1 AI score, 0.71634 EPSS
Exploits: 5, References: 12
OSV
added 2015/05/11 7:27 a.m., 11 views

SUSE-SU-2015:0882-1 Security update for clamav

The ClamAV antivirus engine was updated to version 0.98.7 to fix several security and non security issues. The following vulnerabilities were fixed bsc929192: CVE-2015-2170: Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2221: Fix...

6.8 CVSS, 8.1 AI score, 0.0837 EPSS
Exploits: 1, References: 7
securityvulns
added 2007/05/07 12:0 a.m., 72 views

Multiple vendors ZOO file decompression infinite loop DoS

Topic: Multiple vendors ZOO file decompression infinite loop DoS Announced: 2007-05-04 Credits: Jean-Sebastien Guay-Leroux Products: Multiple see section III Impact: DoS 99 CPU utilisation CVE ID: CVE-2007-1669, CVE-2007-1670, CVE-2007-1671, CVE-2007-1672, CVE-2007-1673 I. BACKGROUND Zoo is a...

7.8 CVSS, 5.9 AI score, 0.1218 EPSS
Exploits: 4