16572 matches found
CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
UBUNTU-CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
CVE-2026-32777
A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted Document Type Definition DTD content. This could lead to an infinite loop during parsing, resulting in a Denial of Service DoS for the application using libexpat...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop in the DTD parsing process. An attacker can cause the application to enter an infinite loop by providing specially crafted DTD content. Remediation Upgrade expat to version 2.7.5 or higher. References - GitHub Commit -...
CVE-2026-32777
CVE-2026-32777 affects libexpat prior to 2.7.5, where parsing DTD content can trigger an infinite loop. This behavior can cause a denial of service if a system processes crafted DTDs. The available connected documents confirm the issue and its relation to libexpat’s DTD parsing loop, with no expl...
CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
CVE-2026-32777
libexpat before 2.7.5 allows an infinite loop while parsing DTD content...
PT-2026-26174
Summary ewe's handle trailers function contains a bug where rejected trailer headers forbidden or undeclared cause an infinite loop. The function recurses with the original unparsed buffer instead of advancing past the rejected header, re-parsing the same header forever. Each malicious request...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2026-1313)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: mpt3sas: Fix crash in transport port remove by using iocinfoCVE-2025-40115 scsi: target: Fix WRITESAME No Data Buffer crashCVE-2022-21546...
OESA-2026-1585 zlib security update
Security Fixes: zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition.CVE-2026-27171...
OESA-2026-1583 zlib security update
Security Fixes: zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition.CVE-2026-27171...
EUVD-2026-12190
Issues in stm32 USB device driver drivers/usb/device/usbdcstm32.c can lead to an infinite while loop...
CVE-2026-4179 stm32: usb: Infinite while loop in Interrupt Handler
Issues in stm32 USB device driver drivers/usb/device/usbdcstm32.c can lead to an infinite while loop...
CVE-2026-4179 stm32: usb: Infinite while loop in Interrupt Handler
Issues in stm32 USB device driver drivers/usb/device/usbdcstm32.c can lead to an infinite while loop...
CVE-2026-4179
CVE-2026-4179 affects the STM32 USB device driver, specifically the USB interrupt handling path in drivers/usb/device/usb_dc_stm32.c. The issue is an infinite loop (infinite while loop) in the USB interrupt handler, as described across multiple sources (Red Hat, NVD, CVE listing, CVE enrichment)....
CVE-2026-4179
Issues in stm32 USB device driver drivers/usb/device/usbdcstm32.c can lead to an infinite while loop...
SUSE CVE-2026-4111
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...