Vulnerabilities > Loop with Unreachable Exit Condition ('Infinite Loop')

DATE CVE VULNERABILITY TITLE RISK
2017-06-08 CVE-2017-9023 Infinite Loop vulnerability in Strongswan
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.
network
low complexity
strongswan CWE-835
7.5
2017-06-06 CVE-2017-9461 Infinite Loop vulnerability in multiple products
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
network
low complexity
samba redhat debian CWE-835
6.5
2017-06-02 CVE-2017-9358 Infinite Loop vulnerability in Asterisk Certified Asterisk and Open Source
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop).
network
low complexity
asterisk CWE-835
5.0
2017-06-02 CVE-2017-9352 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
2017-06-02 CVE-2017-9349 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
2017-06-02 CVE-2017-9346 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
2017-06-02 CVE-2017-9345 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
2017-05-23 CVE-2017-9210 Infinite Loop vulnerability in multiple products
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3.
4.3
2017-05-23 CVE-2017-9209 Infinite Loop vulnerability in multiple products
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2.
4.3
2017-05-23 CVE-2017-9208 Infinite Loop vulnerability in multiple products
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.
4.3