Vulnerabilities > Loop with Unreachable Exit Condition ('Infinite Loop')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-12 | CVE-2018-5650 | Infinite Loop vulnerability in Long Range ZIP Project Long Range ZIP 0.631 In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. | 5.5 |
| 2018-01-05 | CVE-2018-5253 | Infinite Loop vulnerability in Axiosys Bento4 1.5.1.0 The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling. | 7.8 |
| 2017-12-14 | CVE-2017-17681 | Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file. | 6.5 |
| 2017-11-28 | CVE-2017-17044 | Infinite Loop vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors. | 6.5 |
| 2017-11-25 | CVE-2017-16944 | Infinite Loop vulnerability in multiple products The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the bdat_getc function. | 7.5 |
| 2017-11-23 | CVE-2017-16932 | Infinite Loop vulnerability in Xmlsoft Libxml2 parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. | 7.5 |
| 2017-11-07 | CVE-2017-2909 | Infinite Loop vulnerability in Cesanta Mongoose 6.8 An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. | 7.5 |
| 2017-10-26 | CVE-2017-15908 | Infinite Loop vulnerability in multiple products In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service. | 7.5 |
| 2017-10-24 | CVE-2017-15871 | Infinite Loop vulnerability in Serialize-To-Js Project Serialize-To-Js The deserialize function in serialize-to-js through 1.1.1 allows attackers to cause a denial of service via vectors involving an Immediately Invoked Function Expression "function()" substring, as demonstrated by a "function(){console.log(" call or a simple infinite loop. | 7.5 |
| 2017-10-24 | CVE-2017-15223 | Infinite Loop vulnerability in Argosoft Mini Mail Server 1.0.0.2 Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop. | 5.3 |