Vulnerabilities > Uncontrolled Recursion

DATE CVE VULNERABILITY TITLE RISK
2023-06-22 CVE-2023-2990 Uncontrolled Recursion vulnerability in Globalscape EFT Server 6.2.31.2
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service
network
low complexity
globalscape CWE-674
7.5
2023-06-05 CVE-2023-31893 Uncontrolled Recursion vulnerability in Telefonica Brasil Vivo Play Firmware 2023.04.04.01.06.15
Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of Service (DoS) via DNS Recursion.
network
low complexity
telefonica CWE-674
7.5
2023-05-11 CVE-2023-2663 Uncontrolled Recursion vulnerability in Xpdfreader Xpdf
 In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
local
low complexity
xpdfreader CWE-674
5.5
2023-05-11 CVE-2023-2664 Uncontrolled Recursion vulnerability in Xpdfreader Xpdf
 In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.
local
low complexity
xpdfreader CWE-674
5.5
2023-03-24 CVE-2020-36691 Uncontrolled Recursion vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.8.
local
low complexity
linux CWE-674
5.5
2023-03-22 CVE-2023-1370 Uncontrolled Recursion vulnerability in Json-Smart Project Json-Smart
[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects.
network
low complexity
json-smart-project CWE-674
7.5
2023-03-22 CVE-2023-1436 Uncontrolled Recursion vulnerability in Jettison Project Jettison
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements.
network
low complexity
jettison-project CWE-674
7.5
2023-03-06 CVE-2021-36395 Uncontrolled Recursion vulnerability in Moodle
In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.
network
low complexity
moodle CWE-674
7.5
2023-02-01 CVE-2022-37034 Uncontrolled Recursion vulnerability in Dotcms
In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file.
network
low complexity
dotcms CWE-674
5.3
2023-01-21 CVE-2023-22617 Uncontrolled Recursion vulnerability in Powerdns Recursor 4.8.0
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode.
network
low complexity
powerdns CWE-674
7.5