Total
256 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20993 | 1 Yaml-rust Project | 1 Yaml-rust | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization. | |||||
| CVE-2019-13129 | 1 Motorola | 2 Cx2l Mwr04l, Cx2l Mwr04l Firmware | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| On the Motorola router CX2L MWR04L 1.01, there is a stack consumption (infinite recursion) issue in scopd via TCP port 8010 and UDP port 8080. It is caused by snprintf and inappropriate length handling. | |||||
| CVE-2019-11024 | 1 Libsixel Project | 1 Libsixel | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion. | |||||
| CVE-2018-1158 | 1 Mikrotik | 1 Routeros | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. | |||||
| CVE-2020-9243 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2020-08-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition. | |||||
| CVE-2020-5591 | 1 Xack | 1 Xack Dns | 2020-06-11 | 5.0 MEDIUM | 7.5 HIGH |
| XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the recursive resolver's performance or compromising the recursive resolver as a reflector in a reflection attack. | |||||
| CVE-2018-21232 | 1 Re2c | 1 Re2c | 2020-05-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags. | |||||
| CVE-2018-9138 | 1 Gnu | 1 Binutils | 2020-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type. | |||||
| CVE-2017-8537 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2020-04-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8539, and CVE-2017-8542. | |||||
| CVE-2017-8536 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2020-04-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542. | |||||
| CVE-2017-8535 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2020-04-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8536, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542. | |||||
| CVE-2020-10089 | 1 Gitlab | 1 Gitlab | 2020-03-17 | 5.0 MEDIUM | 7.5 HIGH |
| GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request eachother, | |||||
| CVE-2019-18797 | 1 Sass-lang | 1 Libsass | 2019-11-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sass::Binary_Expression*) in eval.cpp. | |||||
| CVE-2017-7515 | 1 Freedesktop | 1 Poppler | 2019-10-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service. | |||||
| CVE-2019-13123 | 2 Foxitsoftware, Microsoft | 2 Foxit Reader, Windows | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 1 of 2). | |||||
| CVE-2019-13124 | 2 Foxitsoftware, Microsoft | 2 Foxit Reader, Windows | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 2 of 2). | |||||
| CVE-2018-5772 | 1 Exiv2 | 1 Exiv2 | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. | |||||
| CVE-2017-8539 | 1 Microsoft | 11 Exchange Server, Forefront Security, Malware Protection Engine and 8 more | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8537, and CVE-2017-8542. | |||||
| CVE-2017-0692 | 1 Google | 1 Android | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36725407. | |||||
| CVE-2017-9729 | 1 Uclibc | 1 Uclibc | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) in the check_dst_limits_calc_pos_1 function in misc/regex/regexec.c when processing a crafted regular expression. | |||||