2289 matches found
CVE-2026-7453
A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...
CVE-2026-7453 WRL File Parsing Memory Exhaustion in Autodesk 3ds Max
A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...
CVE-2026-7453
CVE-2026-7453 : A memory exhaustion issue occurs when parsing a malicious WRL file in Autodesk 3ds Max, causing a stack exhaustion and denial-of-service. The NVD entry confirms the description and lists a CVSSv3.1 base score of 5.3 (Medium) with local attack vector, low complexity, no privileges,...
EUVD-2026-31914
A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...
PT-2026-43361
A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via Unbounded Recursion in Nested Blocks, Sequences, and Mappings. Symfony\Component\Yaml\Parser is the entry point for parsing YAML strings into PHP values via Yaml::parse. When the parser is exposed to...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image with an unallocated bitmap can lead to an endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...
Astra Linux – Vulnerability in libproxy
In url.cpp within libproxy versions 0.4.x to 0.4.15, it is possible for a remote HTTP server to trigger uncontrolled recursion by sending a response that consists of an infinite stream without a newline character. This leads to a stack exhaustion issue...
Astra Linux – Vulnerability in Golang-1.19
Calling any of the Parse functions in Go source code that contains deeply nested literals can cause a panic due to stack exhaustion...
Astra Linux – Vulnerability in expat
In Expat also known as libexpat, before version 2.4.5, an attacker could trigger stack exhaustion in buildmodel by using a very deep nesting level within the DTD element...
Astra Linux – Vulnerability in binutils
A issue was discovered in cp-demangle.c within GNU libiberty, as part of the GNU Binutils 2.31 package. This issue involves stack exhaustion during the C++ demangling functions provided by libiberty. There is also a stack consumption problem caused by recursive stack frames: cplusdemangletype,...
Astra Linux – Vulnerability in libcroco
In libcroco version 0.6.13, there is excessive recursion in the cr parser function cr parserparseanycore in cr-parser.c, resulting in stack consumption...
Astra Linux – Vulnerability in Golang-1.19
Calling Decoder.Decode on a message that contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
Astra Linux – Vulnerability in Golang-1.19
Using Parse with a build tag line like "// +build" and deeply nested expressions can lead to a panic due to stack exhaustion...
Astra Linux – Vulnerability in binutils
A issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in dcounttemplatesscopes in cp-demangle.c after multiple recursive calls...
Astra Linux – Vulnerability in bind9
The code that processes control channel messages sent to named recursively calls certain functions during packet parsing. The recursion depth is limited only by the maximum acceptable packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack...
Astra Linux – Vulnerability in libxml2
A flaw was identified in the RelaxNG parser of libxml2 regarding how external schema inclusions are handled. The parser does not enforce a limit on the inclusion depth when resolving nested directives. Specifically crafted or overly complex schemas can cause excessive recursion during parsing. Th...
Uncontrolled Recursion
Overview sqlfluffrs is a The SQL Linter for Humans Affected versions of this package are vulnerable to Uncontrolled Recursion through the ParseContext and parser recursion in the SQL parser components. An attacker can exhaust parser stack depth and force repeated parse failures by supplying deepl...
EUVD-2026-30039
protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion...
SUSE-SU-2026:21794-1 Security update for agama
This update for agama fixes the following issue - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257930. Changes for agama: - Update "time" crate to version 0.3.47...