Total
858 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7046 | 2 Dovecot, Fedoraproject | 2 Dovecot, Fedora | 2024-11-21 | 7.5 High |
| lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop. | ||||
| CVE-2020-6855 | 1 Sos-berlin | 1 Jobscheduler | 2024-11-21 | 6.5 Medium |
| A large or infinite loop vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to parameterize housekeeping jobs in a way that exhausts system resources and results in a denial of service. | ||||
| CVE-2020-5761 | 1 Grandstream | 12 Ht801, Ht801 Firmware, Ht802 and 9 more | 2024-11-21 | 7.5 High |
| Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to CPU exhaustion due to an infinite loop in the TR-069 service. Unauthenticated remote attackers can trigger this case by sending a one character TCP message to the TR-069 service. | ||||
| CVE-2020-36310 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52. | ||||
| CVE-2020-36227 | 3 Apple, Debian, Openldap | 3 Macos, Debian Linux, Openldap | 2024-11-21 | 7.5 High |
| A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. | ||||
| CVE-2020-36023 | 1 Freedesktop | 1 Poppler | 2024-11-21 | 6.5 Medium |
| An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. | ||||
| CVE-2020-35609 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 5.5 Medium |
| A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability. | ||||
| CVE-2020-28916 | 3 Debian, Qemu, Redhat | 3 Debian Linux, Qemu, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. | ||||
| CVE-2020-28095 | 1 Tenda | 2 Ac1200, Ac1200 Firmware | 2024-11-21 | 7.5 High |
| On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the change password API will trigger the router to crash and enter an infinite boot loop. | ||||
| CVE-2020-28030 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2024-11-21 | 7.5 High |
| In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement. | ||||
| CVE-2020-27618 | 5 Debian, Gnu, Netapp and 2 more | 25 Debian Linux, Glibc, 500f and 22 more | 2024-11-21 | 5.5 Medium |
| The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. | ||||
| CVE-2020-27152 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9. | ||||
| CVE-2020-26575 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Zfs Storage Appliance and 2 more | 2024-11-21 | 7.5 High |
| In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. | ||||
| CVE-2020-25641 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2020-25625 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 5.3 Medium |
| hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop. | ||||
| CVE-2020-25574 | 1 Hyper | 1 Http | 2024-11-21 | 7.5 High |
| An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop). | ||||
| CVE-2020-24944 | 1 Privateoctopus | 1 Picoquic | 2024-11-21 | 7.5 High |
| picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop) via a crafted QUIC frame, related to the picoquic_decode_frames and picoquic_decode_stream_frame functions and epoch==3. | ||||
| CVE-2020-24337 | 1 Altran | 2 Picotcp, Picotcp-ng | 2024-11-21 | 7.5 High |
| An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcp_parse_options() in pico_tcp.c. | ||||
| CVE-2020-24221 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 5.5 Medium |
| An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop). | ||||
| CVE-2020-23566 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 5.5 Medium |
| Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptions_W+0x1ecd8. | ||||