Vulnerabilities > Loop with Unreachable Exit Condition ('Infinite Loop')

DATE CVE VULNERABILITY TITLE RISK
2018-04-16 CVE-2018-10177 Infinite Loop vulnerability in multiple products
In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file.
network
low complexity
imagemagick canonical CWE-835
6.5
6.5
2018-04-04 CVE-2018-6918 Infinite Loop vulnerability in Freebsd
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, the length field of the ipsec option header does not count the size of the option header itself, causing an infinite loop when the length is zero.
network
low complexity
freebsd CWE-835
7.5
7.5
2018-04-04 CVE-2018-9257 Infinite Loop vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
7.5
2018-04-04 CVE-2018-9251 Infinite Loop vulnerability in multiple products
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
network
high complexity
xmlsoft debian CWE-835
5.3
5.3
2018-04-02 CVE-2018-6253 Infinite Loop vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.
local
low complexity
nvidia CWE-835
5.5
5.5
2018-03-27 CVE-2018-9058 Infinite Loop vulnerability in Long Range ZIP Project Long Range ZIP 0.631
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the runzip_fd function of runzip.c.
local
low complexity
long-range-zip-project CWE-835
5.5
5.5
2018-03-16 CVE-2018-1324 Infinite Loop vulnerability in multiple products
A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15.
local
low complexity
apache oracle CWE-835
5.5
5.5
2018-03-15 CVE-2017-18238 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian CWE-835
5.5
5.5
2018-03-15 CVE-2017-18236 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian canonical CWE-835
5.5
5.5
2018-03-15 CVE-2017-18233 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian canonical CWE-835
5.5
5.5