16572 matches found
libpng: LIBPNG has a heap buffer overflow in png_set_quantize
A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...
libpng: LIBPNG has a heap buffer overflow in png_set_quantize
A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...
libpng: LIBPNG has a heap buffer overflow in png_set_quantize
A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...
libpng: LIBPNG has a heap buffer overflow in png_set_quantize
A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...
Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive
...
ROS-20260317-73-0026
A vulnerability in the mptcpdofallback function of the mptcp component of the mptcp component of the Linux operating system kernel involves an infinite loop. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: udisks2 (UTSA-2026-006231)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006231 advisory. A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler...
Apache Airflow 安全漏洞
Apache Airflow is the United States Apache Apache Foundation's set of open source platform with the creation, management and monitoring of workflow functions. The platform is scalable and dynamic monitoring and other features. Apache Airflow suffers from a security bypass vulnerability that stems...
PT-2026-25979
Summary music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Root Cause When objectSize is 0: 1. remaining = 0 - 24 = -24 2. tokenizer.ignore-24 moves the read position...
PT-2026-25893
Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop HITL endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to...
PT-2026-28438
Name of the Vulnerable Software and Affected Versions versions prior to 2026-32287 Description Boolean XPath expressions that evaluate to true can cause an infinite loop within the logicalQuery.Select function, resulting in 100% CPU utilization. This condition can be initiated by top-level...
PT-2026-26093
Name of the Vulnerable Software and Affected Versions UltraJSON versions 5.10 through 5.11.0 Description UltraJSON, a fast JSON encoder and decoder written in C, is susceptible to a buffer overflow or infinite loop when processing large indent values. Specifically, the ujson.dumps function can...
GHSA-4W98-XF39-23GP Loop with Unreachable Exit Condition ('Infinite Loop') in ewe
Summary ewe's handletrailers function contains a bug where rejected trailer headers forbidden or undeclared cause an infinite loop. The function recurses with the original unparsed buffer instead of advancing past the rejected header, re-parsing the same header forever. Each malicious request...
Loop with Unreachable Exit Condition ('Infinite Loop') in ewe
Summary ewe's handletrailers function contains a bug where rejected trailer headers forbidden or undeclared cause an infinite loop. The function recurses with the original unparsed buffer instead of advancing past the rejected header, re-parsing the same header forever. Each malicious request...
SUSE CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
EUVD-2026-12349
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
CVE-2026-4179
Issues in stm32 USB device driver drivers/usb/device/usbdcstm32.c can lead to an infinite while loop...
CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
ALPINE-CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...