CWE-674
All CWE-674 CVEs (70)
This vulnerability in Heimdall allows attackers to upload malicious icons containing PHP code, potentially leading to remote code execution. It affect... (Apr 1, 2024)
CVE-2024-37973 is a Secure Boot security feature bypass vulnerability that allows attackers to circumvent Secure Boot protections on affected systems.... (Jul 9, 2024)
An unauthenticated remote attacker can send specially crafted LISP packets to vulnerable Cisco devices, causing them to reload and creating a denial o... (Mar 27, 2024)
CVE-2024-25111 is an uncontrolled recursion vulnerability in Squid's HTTP chunked decoder that allows remote attackers to cause denial of service by s... (Mar 6, 2024)
Squid caching proxy versions 2.6 through 6.5 contain an uncontrolled recursion vulnerability in HTTP request parsing when the follow_x_forwarded_for f... (Dec 14, 2023)
A race condition vulnerability in the Linux kernel's ATM CLIP (Classical IP over ATM) subsystem allows infinite recursion when ioctl(ATMARP_MKIP) is c... (Jul 25, 2025)
A stack overflow vulnerability in the Linux kernel's IPv6 routing table dump functionality allows local attackers to trigger infinite recursion during... (May 19, 2024)
This vulnerability in Wireshark's Zigbee TLV dissector allows attackers to cause a denial of service (crash) by injecting specially crafted packets or... (Jan 3, 2024)
CVE-2021-46509 is a stack overflow vulnerability in Cesanta MJS v2.20.0's JSON parsing functionality that allows attackers to execute arbitrary code o... (Jan 27, 2022)
A stack overflow vulnerability in TON Virtual Machine (TVM) allows attackers to craft smart contracts with deeply nested jump logic that exhausts stac... (Feb 13, 2026)
This CVE describes a Denial of Service vulnerability in TON Lite Server where attackers can inject malicious Continuation objects into locally execute... (Feb 13, 2026)
An uncontrolled recursion vulnerability in node-forge versions 1.3.1 and below allows remote attackers to craft malicious ASN.1 structures that trigge... (Nov 26, 2025)
This vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs that overwhelm the system... (Nov 25, 2025)
CVE-2025-57809 is an infinite recursion vulnerability in XGrammar library versions before 0.1.21. This allows attackers to cause denial of service (Do... (Aug 25, 2025)
NVIDIA Triton Inference Server contains a vulnerability where specially crafted inputs can trigger uncontrolled recursion, potentially causing denial ... (Aug 6, 2025)
This vulnerability allows attackers to cause DNSdist to crash by exploiting TCP connection handling, leading to denial of service. DNSdist instances c... (May 20, 2025)
This CVE describes a Denial of Service vulnerability in the run-llama/llama_index project's KnowledgeBaseWebReader class. Attackers can crash Python p... (May 10, 2025)
A stack overflow vulnerability in libexpat allows attackers to cause denial of service or potentially memory corruption by sending XML documents with ... (Mar 14, 2025)
This vulnerability in Netplex Json-smart 2.5.0-2.5.1 allows attackers to cause denial of service through stack exhaustion by sending specially crafted... (Feb 5, 2025)
A denial-of-service vulnerability in Apollo Federation's query planner allows attackers to crash GraphQL services by sending specially crafted complex... (Aug 27, 2024)
A vulnerability in Undertow's chunked response handling causes incomplete termination of TLSv1.3 responses, leading clients to wait indefinitely. This... (Jul 8, 2024)
This vulnerability in the HDF5 library allows attackers to cause stack consumption (stack overflow) through the H5E_printf_stack function, potentially... (May 14, 2024)
This vulnerability in sqlparse allows attackers to cause a Denial of Service (DoS) by passing heavily nested SQL statements to the sqlparse.parse() fu... (Apr 30, 2024)
CVE-2024-27454 is a vulnerability in orjson's loads function that fails to limit recursion depth when parsing deeply nested JSON documents. This allow... (Feb 26, 2024)
This vulnerability affects multiple Siemens industrial control systems and allows attackers to send specially crafted HTTP(S) requests to exhaust syst... (Dec 12, 2023)
CVE-2023-47163 is a vulnerability in Remarshal that allows unlimited expansion of YAML alias nodes, making it susceptible to Billion Laughs attacks. T... (Nov 13, 2023)
This CVE describes a recursion vulnerability in Python's legacy email.utils.parseaddr function that allows attackers to cause a RecursionError via cra... (Jun 25, 2023)
This vulnerability is a stack overflow in Go's encoding/pem package when processing large PEM data. It allows attackers to cause denial of service or ... (Apr 20, 2022)
CVE-2022-28773 is an uncontrolled recursion vulnerability in SAP Web Dispatcher and SAP Internet Communication Manager that can cause a denial of serv... (Apr 12, 2022)
This vulnerability in Go's regexp.Compile function allows attackers to cause a denial of service via stack exhaustion by providing a deeply nested reg... (Mar 5, 2022)
CVE-2021-42717 is a denial-of-service vulnerability in ModSecurity's JSON parser where excessively nested JSON objects cause excessive CPU consumption... (Dec 7, 2021)
This vulnerability allows denial of service attacks against Wireshark through uncontrolled recursion in the Bluetooth DHT dissector. Attackers can cra... (Nov 19, 2021)
This vulnerability allows remote attackers to cause a Denial of Service (DoS) in Akka HTTP servers by sending HTTP requests with specially crafted Use... (Nov 2, 2021)
This vulnerability allows malicious websites to cause denial of service in uBlock Origin and uMatrix browser extensions through crafted filter rules t... (Jul 18, 2021)
CVE-2021-3530 is a stack exhaustion vulnerability in GNU libiberty's rust-demangle.c that allows crafted symbols to cause denial of service through ap... (Jun 2, 2021)
This vulnerability in OPC Foundation UA .NET Standard and Legacy libraries allows attackers to trigger uncontrolled recursion leading to stack overflo... (May 20, 2021)
This vulnerability allows attackers to cause a denial of service (DoS) in OSSEC HIDS by sending specially crafted XML with excessive nested tags, trig... (Mar 5, 2021)
This vulnerability in Intel's TinyCBOR libraries allows authenticated users to trigger uncontrolled recursion, potentially leading to privilege escala... (Aug 12, 2025)
This vulnerability in IBM Db2 allows authenticated users to execute specially crafted SQL statements with XML that trigger uncontrolled recursion, lea... (Jan 30, 2026)
A vulnerability in Avahi versions 0.9rc2 and below allows remote attackers to crash the avahi-daemon service via a specially crafted mDNS response con... (Jan 24, 2026)
This vulnerability in IBM Engineering Requirements Management Doors Next allows authenticated users to cause denial of service by uploading specially ... (Oct 12, 2025)
The Bucket MediaWiki extension prior to version 1.0.0 contains an infinite recursion vulnerability when using the '!=' comparator in queries. This cau... (Oct 6, 2025)
This vulnerability allows remote attackers to cause denial of service in Artifex mupdf by exploiting infinite recursion in the strip_outline() functio... (Aug 4, 2025)
This vulnerability in MediaTek's IMS service allows remote denial of service attacks when a user equipment (UE) connects to a malicious base station. ... (Jun 2, 2025)
KaTeX users who render untrusted mathematical expressions are vulnerable to a denial-of-service attack. Malicious input using the \edef command can ca... (Mar 25, 2024)
ImageMagick versions before 7.1.2-15 and 6.9.13-40 contain a vulnerability where the software fails to detect circular references between two MSL (Mag... (Feb 24, 2026)
This vulnerability allows a local attacker to cause a stack overflow via crafted XPath expressions in libxml2. It affects applications using libxml2 f... (Sep 10, 2025)
A recursion vulnerability in libxml2's xmlCatalogXMLResolveURI function allows remote attackers to cause denial of service by crashing applications th... (Jan 15, 2026)
A vulnerability in Next.js image optimization feature allows attackers to trigger excessive CPU consumption, leading to potential Denial of Service (D... (Oct 14, 2024)
This vulnerability allows remote attackers to cause denial of service in Connect2id Nimbus JOSE + JWT libraries by sending JWTs with deeply nested JSO... (Jul 11, 2025)
About CWE-674
Our database tracks 70 CVEs classified as CWE-674, with 1 rated critical and 36 rated high severity. The average CVSS score for CWE-674 vulnerabilities is 6.7.