Vulnerabilities > Uncontrolled Recursion
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-05 | CVE-2017-9438 | Uncontrolled Recursion vulnerability in Virustotal Yara 3.5.0 libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304. | 7.5 |
| 2017-05-31 | CVE-2017-9304 | Uncontrolled Recursion vulnerability in Virustotal Yara 3.5.0 libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function. | 7.5 |
| 2017-05-26 | CVE-2017-8542 | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
| 2017-05-26 | CVE-2017-8539 | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
| 2017-05-26 | CVE-2017-8537 | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
| 2017-05-26 | CVE-2017-8536 | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
| 2017-05-26 | CVE-2017-8535 | Uncontrolled Recursion vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 5.5 |
| 2017-04-05 | CVE-2017-0886 | Uncontrolled Recursion vulnerability in Nextcloud Server Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. | 6.5 |
| 2017-02-09 | CVE-2017-5839 | Uncontrolled Recursion vulnerability in Gstreamer Project Gstreamer The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX. | 7.5 |
| 2016-05-17 | CVE-2016-3627 | Uncontrolled Recursion vulnerability in multiple products The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document. | 7.5 |