Total
246 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8535 | 1 Microsoft | 13 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 10 more | 2020-04-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8536, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542. | |||||
| CVE-2020-10089 | 1 Gitlab | 1 Gitlab | 2020-03-17 | 5.0 MEDIUM | 7.5 HIGH |
| GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request eachother, | |||||
| CVE-2019-18797 | 1 Sass-lang | 1 Libsass | 2019-11-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sass::Binary_Expression*) in eval.cpp. | |||||
| CVE-2017-7515 | 1 Freedesktop | 1 Poppler | 2019-10-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service. | |||||
| CVE-2019-13123 | 2 Foxitsoftware, Microsoft | 2 Foxit Reader, Windows | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 1 of 2). | |||||
| CVE-2019-13124 | 2 Foxitsoftware, Microsoft | 2 Foxit Reader, Windows | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 2 of 2). | |||||
| CVE-2017-10910 | 1 Mqtt.js Project | 1 Mqtt.js | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| MQTT.js 2.x.x prior to 2.15.0 issue in handling PUBLISH tickets may lead to an attacker causing a denial-of-service condition. | |||||
| CVE-2017-12964 | 1 Libsass | 1 Libsass | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator() in eval.cpp. It will lead to a remote denial of service attack. | |||||
| CVE-2018-16426 | 1 Opensc Project | 1 Opensc | 2019-10-03 | 2.1 LOW | 4.3 MEDIUM |
| Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs. | |||||
| CVE-2017-11554 | 1 Libsass | 1 Libsass | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service. | |||||
| CVE-2017-9616 | 1 Wireshark | 1 Wireshark | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c. | |||||
| CVE-2017-9304 | 1 Virustotal | 1 Yara | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function. | |||||
| CVE-2017-8542 | 1 Microsoft | 11 Exchange Server, Forefront Security, Malware Protection Engine and 8 more | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8537, and CVE-2017-8539. | |||||
| CVE-2017-16419 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The issue is a stack exhaustion problem within the JavaScript API, where the computation does not correctly control the amount of recursion that can happen with respect to system resources. | |||||
| CVE-2018-5772 | 1 Exiv2 | 1 Exiv2 | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. | |||||
| CVE-2018-9918 | 2 Canonical, Qpdf Project | 2 Ubuntu Linux, Qpdf | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, because nesting in direct objects is not restricted. | |||||
| CVE-2017-5839 | 1 Gstreamer Project | 1 Gstreamer | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX. | |||||
| CVE-2017-9729 | 1 Uclibc | 1 Uclibc | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) in the check_dst_limits_calc_pos_1 function in misc/regex/regexec.c when processing a crafted regular expression. | |||||
| CVE-2017-8539 | 1 Microsoft | 11 Exchange Server, Forefront Security, Malware Protection Engine and 8 more | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8537, and CVE-2017-8542. | |||||
| CVE-2018-9996 | 1 Gnu | 1 Binutils | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression. | |||||