Vulnerabilities (CVE)

Filtered by CWE-674
Total 272 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1771 1 Vim 1 Vim 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.
CVE-2021-46509 1 Cesanta 1 Mjs 2024-11-21 6.8 MEDIUM 7.8 HIGH
Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c.
CVE-2021-46507 1 Jsish 1 Jsish 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Jsish v3.5.0 was discovered to contain a stack overflow via Jsi_LogMsg at src/jsiUtils.c.
CVE-2021-46505 1 Jsish 1 Jsish 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Jsish v3.5.0 was discovered to contain a stack overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x5b1e5.
CVE-2021-46195 1 Gnu 1 Gcc 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
CVE-2021-45832 1 Hdfgroup 1 Hdf5 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).
CVE-2021-45105 5 Apache, Debian, Netapp and 2 more 44 Log4j, Debian Linux, Cloud Manager and 41 more 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.
CVE-2021-43519 2 Fedoraproject, Lua 2 Fedora, Lua 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.
CVE-2021-41752 1 Jerryscript 1 Jerryscript 2024-11-21 7.5 HIGH 9.8 CRITICAL
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function.
CVE-2021-3997 3 Fedoraproject, Redhat, Systemd Project 3 Fedora, Enterprise Linux, Systemd 2024-11-21 N/A 5.5 MEDIUM
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.
CVE-2021-3530 2 Gnu, Netapp 2 Binutils, Ontap Select Deploy Administration Utility 2024-11-21 5.0 MEDIUM 7.5 HIGH
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.
CVE-2021-39929 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2024-11-21 5.0 MEDIUM 7.5 HIGH
Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file.
CVE-2021-39257 2 Debian, Tuxera 2 Debian Linux, Ntfs-3g 2024-11-21 4.7 MEDIUM 5.5 MEDIUM
A crafted NTFS image with an unallocated bitmap can lead to an endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22.
CVE-2021-38569 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects.
CVE-2021-38566 1 Foxitsoftware 2 Pdf Editor, Pdf Reader 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows stack consumption during recursive processing of embedded XML nodes.
CVE-2021-36773 3 Sciruby, Ublockorigin, Umatrix Project 3 Nmatrix, Ublock Origin, Umatrix 2024-11-21 5.0 MEDIUM 7.5 HIGH
uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality).
CVE-2021-36154 1 Linuxfoundation 1 Grpc Swift 2024-11-21 5.0 MEDIUM 7.5 HIGH
HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption.
CVE-2021-31525 2 Fedoraproject, Golang 2 Fedora, Go 2024-11-21 2.6 LOW 5.9 MEDIUM
net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.
CVE-2021-30471 3 Fedoraproject, Podofo Project, Redhat 3 Fedora, Podofo, Enterprise Linux 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow.
CVE-2021-30470 3 Fedoraproject, Podofo Project, Redhat 3 Fedora, Podofo, Enterprise Linux 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow.