16673 matches found
📄 zlib crc32_combine_gen64 Denial of Service
zlib versions prior to 1.3.2 has an infinite loop vulnerability in the crc32combinegen64 function that can result in a denial of service condition. ============================================================================================================================================= | Title...
Linux Distros Unpatched Vulnerability : CVE-2026-24485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does no...
DEBIAN-CVE-2026-27951
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...
CVE-2026-27951
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...
CVE-2026-27951 FreeRDP has possible Integer overflow in Stream_EnsureCapacity
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...
CVE-2026-27951 FreeRDP has possible Integer overflow in Stream_EnsureCapacity
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...
CVE-2026-27951
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...
ImageMagick: Malicious PCD files trigger 1‑byte heap Out-of-bounds Read and DoS
The PCD coder’s DecodeImage loop allows a crafted PCD file to trigger a 1‑byte heap out-of-bounds read when decoding an image Denial of service and potential disclosure of adjacent heap byte...
EUVD-2026-8669
A vulnerability with the Ethernet VPN EVPN Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when...
CVE-2026-20051
A vulnerability with the Ethernet VPN EVPN Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when...
CVE-2026-20051
Summary: CVE-2026-20051 affects Cisco Nexus 3600 Series switches and Nexus 9500-R Series platforms, where a logic error in Ethernet VPN (EVPN) Layer 2 ingress packet processing can be triggered by a crafted Layer 2 frame. An unauthenticated, adjacent attacker could induce a Layer 2 traffic loop t...
CVE-2026-20051
A vulnerability with the Ethernet VPN EVPN Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when...
CVE-2026-20051 Cisco Nexus 3600-R and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability
A vulnerability with the Ethernet VPN EVPN Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when...
GHSA-2RW7-X74F-JG35 pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams
Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. Patches This has been fixed in pypdf==6.7.2. Workarounds If users cannot upgrade yet, consider applying the changes from PR 3655...
pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams
Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. Patches This has been fixed in pypdf==6.7.2. Workarounds If users cannot upgrade yet, consider applying the changes from PR 3655...
EUVD-2026-8601
pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams...
Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability
A vulnerability with the Ethernet VPN EVPN Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when...
This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.
...
Infinite loop
Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Infinite loop in reader.py, when loading circular /Prev entries in cross-reference streams. An attacker can cause the application ...
DEBIAN-CVE-2026-27628
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This has been fixed in pypdf 6.7.2. As a workaround, one may apply the patch manually...