Total
878 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-4617 | 3 Debian, Gnupg, Opensuse | 3 Debian Linux, Gnupg, Opensuse | 2025-04-12 | N/A |
| The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. | ||||
| CVE-2015-8041 | 2 Opensuse, W1.fi | 3 Opensuse, Hostapd, Wpa Supplicant | 2025-04-12 | N/A |
| Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read. | ||||
| CVE-2016-7909 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 4.4 Medium |
| The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0. | ||||
| CVE-2016-0741 | 2 Fedoraproject, Redhat | 6 389 Directory Server, Enterprise Linux, Enterprise Linux Desktop and 3 more | 2025-04-12 | N/A |
| slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection. | ||||
| CVE-2014-3619 | 3 Gluster, Opensuse, Redhat | 4 Glusterfs, Opensuse, Rhel Common and 1 more | 2025-04-12 | N/A |
| The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a "00000000" fragment header. | ||||
| CVE-2014-3598 | 2 Opensuse, Python | 2 Opensuse, Pillow | 2025-04-12 | N/A |
| The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image. | ||||
| CVE-2016-8910 | 4 Debian, Opensuse, Qemu and 1 more | 6 Debian Linux, Leap, Qemu and 3 more | 2025-04-12 | 6.0 Medium |
| The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. | ||||
| CVE-2014-3584 | 2 Apache, Redhat | 2 Cxf, Jboss Fuse | 2025-04-12 | N/A |
| The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service. | ||||
| CVE-2015-3809 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | ||||
| CVE-2015-0410 | 6 Canonical, Debian, Novell and 3 more | 12 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 9 more | 2025-04-12 | N/A |
| Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security. | ||||
| CVE-2015-6525 | 2 Debian, Libevent Project | 2 Debian Linux, Libevent | 2025-04-12 | N/A |
| Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_prepend, (3) evbuffer_expand, (4) exbuffer_reserve_space, or (5) evbuffer_read function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier was SPLIT from CVE-2014-6272 per ADT3 due to different affected versions. | ||||
| CVE-2014-9718 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | N/A |
| The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions. | ||||
| CVE-2013-10005 | 1 Socks5 Project | 1 Socks5 | 2025-04-11 | 7.5 High |
| The RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loop which will crash the program due to a stack overflow. | ||||
| CVE-2014-1943 | 5 Canonical, Debian, Fine Free File Project and 2 more | 6 Ubuntu Linux, Debian Linux, Fine Free File and 3 more | 2025-04-11 | N/A |
| Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file. | ||||
| CVE-2010-2432 | 1 Apple | 1 Cups | 2025-04-11 | N/A |
| The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses. | ||||
| CVE-2011-4621 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | 5.5 Medium |
| The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop. | ||||
| CVE-2013-4931 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | N/A |
| epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector. | ||||
| CVE-2013-4081 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet. | ||||
| CVE-2013-4079 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2025-04-11 | N/A |
| The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. | ||||
| CVE-2010-2286 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | N/A |
| The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||||