Total
297 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-14235 | 3 Djangoproject, Opensuse, Redhat | 3 Django, Leap, Openstack | 2024-08-05 | N/A |
| An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences. | ||||
| CVE-2019-13955 | 1 Mikrotik | 1 Routeros | 2024-08-05 | N/A |
| Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected. | ||||
| CVE-2019-13288 | 1 Glyphandcog | 1 Xpdfreader | 2024-08-04 | N/A |
| In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646. | ||||
| CVE-2019-13123 | 2 Foxitsoftware, Microsoft | 2 Foxit Reader, Windows | 2024-08-04 | 7.5 High |
| Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 1 of 2). | ||||
| CVE-2019-13129 | 1 Motorola | 2 Cx2l Mwr04l, Cx2l Mwr04l Firmware | 2024-08-04 | N/A |
| On the Motorola router CX2L MWR04L 1.01, there is a stack consumption (infinite recursion) issue in scopd via TCP port 8010 and UDP port 8080. It is caused by snprintf and inappropriate length handling. | ||||
| CVE-2019-13124 | 2 Foxitsoftware, Microsoft | 2 Foxit Reader, Windows | 2024-08-04 | 7.5 High |
| Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine (issue 2 of 2). | ||||
| CVE-2019-13103 | 1 Denx | 1 U-boot | 2024-08-04 | 7.1 High |
| A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data. | ||||
| CVE-2019-12212 | 1 Freeimage Project | 1 Freeimage | 2024-08-04 | N/A |
| When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file. | ||||
| CVE-2019-12295 | 4 Canonical, Debian, F5 and 1 more | 16 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 13 more | 2024-08-04 | 7.5 High |
| In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion. | ||||
| CVE-2019-12213 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-08-04 | 6.5 Medium |
| When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion. | ||||
| CVE-2019-11937 | 1 Facebook | 1 Mcrouter | 2024-08-04 | 7.5 High |
| In Mcrouter prior to v0.41.0, a large struct input provided to the Carbon protocol reader could result in stack exhaustion and denial of service. | ||||
| CVE-2019-11779 | 5 Canonical, Debian, Eclipse and 2 more | 6 Ubuntu Linux, Debian Linux, Mosquitto and 3 more | 2024-08-04 | 6.5 Medium |
| In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur. | ||||
| CVE-2019-11413 | 1 Artifex | 1 Mujs | 2024-08-04 | N/A |
| An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check. | ||||
| CVE-2019-11026 | 2 Fedoraproject, Freedesktop | 2 Fedora, Poppler | 2024-08-04 | 6.5 Medium |
| FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc. | ||||
| CVE-2019-11024 | 1 Libsixel Project | 1 Libsixel | 2024-08-04 | N/A |
| The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion. | ||||
| CVE-2019-9192 | 1 Gnu | 1 Glibc | 2024-08-04 | N/A |
| In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern | ||||
| CVE-2019-9904 | 1 Graphviz | 1 Graphviz | 2024-08-04 | 6.5 Medium |
| An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption occurs because of recursive agclose calls in lib\cgraph\graph.c in libcgraph.a, related to agfstsubg in lib\cgraph\subg.c. | ||||
| CVE-2019-9545 | 1 Freedesktop | 1 Poppler | 2024-08-04 | N/A |
| An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to JBIG2Bitmap::clearToZero. | ||||
| CVE-2019-9543 | 1 Freedesktop | 1 Poppler | 2024-08-04 | N/A |
| An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfseparate binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to JArithmeticDecoder::decodeBit. | ||||
| CVE-2019-9143 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-08-04 | N/A |
| An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | ||||