CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2021-09-09
Waiting for details
CVE-2021-39204

 

 
Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versions 0.14.8 and 0.15.1 contain an upgraded Envoy binary with this vulnerability patched.

 
2021-08-24
Medium
CVE-2021-32778

Vendor: Envoyproxy
Software: Envoy
 

 

 
2021-03-20
Low
CVE-2021-28950

Vendor: Linux
Software: Linux kernel
 

 
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.

 
2021-03-19
Low
CVE-2021-27807

Vendor: Apache
Software: Pdfbox
 

 
A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

 
2020-11-23
Low
CVE-2018-20805

Vendor: Mongodb
Software: Mongodb
 

 
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.5; v3.6 versions prior to 3.6.10. This issue affects: MongoDB Inc. MongoDB Server 3.6 versions prior to 3.6.10; 4.0 versions prior to 4.0.5.

 
2018-10-25
Low
CVE-2018-18651

Vendor: Xpdfreader
Software: XPDF
 

 
An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific PDF file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file.

 
2018-07-18
High
CVE-2018-14342

Vendor: Wireshark
Software: Wireshark
 

 
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.

 
2018-06-05
Medium
CVE-2018-11813

Vendor: IJG
Software: Libjpeg
 

 
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.

 
2018-04-04
Low
CVE-2017-13279

Vendor: Google
Software: Android
 

 
In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68399439.

 
Medium
CVE-2018-9261

Vendor: Wireshark
Software: Wireshark
 

 
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs.

 

 


Copyright 2021, cxsecurity.com

 
