Vulnerabilities > Loop with Unreachable Exit Condition ('Infinite Loop')

DATE CVE VULNERABILITY TITLE RISK
2018-03-16 CVE-2018-1324 Infinite Loop vulnerability in multiple products
A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15.
local
low complexity
apache oracle CWE-835
5.5
5.5
2018-03-15 CVE-2017-18238 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian CWE-835
5.5
5.5
2018-03-15 CVE-2017-18236 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian canonical CWE-835
5.5
5.5
2018-03-15 CVE-2017-18233 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian canonical CWE-835
5.5
5.5
2018-03-13 CVE-2018-1000075 Infinite Loop vulnerability in multiple products
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop..
network
low complexity
rubygems debian CWE-835
7.5
7.5
2018-03-09 CVE-2018-8002 Infinite Loop vulnerability in Podofo Project Podofo 0.9.5
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow.
network
low complexity
podofo-project CWE-835
8.8
8.8
2018-03-09 CVE-2017-17150 Infinite Loop vulnerability in Huawei products
Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient validation of the parameter.
local
low complexity
huawei CWE-835
5.5
5.5
2018-03-05 CVE-2017-17131 Infinite Loop vulnerability in Huawei products
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded.
network
low complexity
huawei CWE-835
5.7
5.7
2018-03-01 CVE-2017-18208 Infinite Loop vulnerability in Linux Kernel
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.
local
low complexity
linux CWE-835
5.5
5.5
2018-02-24 CVE-2018-7453 Infinite Loop vulnerability in Xpdfreader Xpdf 4.00
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.
local
low complexity
xpdfreader CWE-835
5.5
5.5