Search Results (1232 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-6303 2 Redhat, Yukihiro Matsumoto 2 Enterprise Linux, Ruby 2025-04-09 N/A
The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467.
CVE-2007-4985 2 Imagemagick, Redhat 2 Imagemagick, Enterprise Linux 2025-04-09 N/A
ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.
CVE-2007-4772 5 Canonical, Debian, Postgresql and 2 more 6 Ubuntu Linux, Debian Linux, Postgresql and 3 more 2025-04-09 N/A
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
CVE-2008-3932 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-09 N/A
Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.
CVE-2008-2109 1 Media-libs 1 Libid3tag 2025-04-09 N/A
field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop.
CVE-2009-3080 7 Canonical, Debian, Linux and 4 more 16 Ubuntu Linux, Debian Linux, Linux Kernel and 13 more 2025-04-09 N/A
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
CVE-2007-2756 2 Libgd, Redhat 3 Libgd, Enterprise Linux, Rhel Application Stack 2025-04-09 N/A
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
CVE-2009-1270 3 Canonical, Clamav, Debian 3 Ubuntu Linux, Clamav, Debian Linux 2025-04-09 N/A
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.
CVE-2008-5285 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-09 N/A
Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.
CVE-2025-32029 2025-04-08 N/A
ts-asn1-der is a collection of utility classes to encode ASN.1 data following DER rule. Incorrect number DER encoding can lead to denial on service for absolute values in the range 2**31 -- 2**32 - 1. The arithmetic in the numBitLen didn't take into account that values in this range could result in a negative result upon applying the >> operator, leading to an infinite loop. The issue is patched in version 1.0.4. If upgrading is not an option, the issue can be mitigated by validating inputs to Asn1Integer to ensure that they are not smaller than -2**31 + 1 and no larger than 2**31 - 1.
CVE-2022-48256 1 Technitium 1 Dns Server 2025-04-07 7.5 High
Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.
CVE-2024-11702 1 Mozilla 2 Firefox, Thunderbird 2025-04-05 7.5 High
Copying sensitive information from Private Browsing tabs on Android, such as passwords, may have inadvertently stored data in the cloud-based clipboard history if enabled. This vulnerability affects Firefox < 133 and Thunderbird < 133.
CVE-2005-2224 1 Microsoft 1 Asp.net 2025-04-03 N/A
aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a crafted SOAP message to an RPC/Encoded method.
CVE-2004-0748 2 Apache, Redhat 2 Http Server, Enterprise Linux 2025-04-03 N/A
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.
CVE-2004-0753 2 Gnome, Redhat 3 Gdkpixbuf, Gtk, Enterprise Linux 2025-04-03 N/A
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
CVE-2005-0851 1 Filezilla-project 1 Filezilla Server 2025-04-03 N/A
FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings.
CVE-2021-33642 1 Openeuler 1 Byacc 2025-04-02 5.5 Medium
When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function.
CVE-2024-29944 3 Debian, Mozilla, Redhat 8 Debian Linux, Firefox, Firefox Esr and 5 more 2025-04-01 8.4 High
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox < 124.0.1 and Firefox ESR < 115.9.1.
CVE-2024-26283 1 Mozilla 1 Firefox 2025-03-27 7.8 High
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123.
CVE-2022-44617 2 Redhat, X.org 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2025-03-25 7.5 High
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.