Falhas do tipo CWE-674

236 resultados
CVE-2024-28244MEDIUMKaTeX's maxExpand bypassed by Unicode sub/superscriptsEPSS 2.2%CVE-2022-23974Pinot segment push endpoint has a vulnerability in unprotected environmentsEPSS 2.0%CVE-2016-4425MEDIUMJansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via cEPSS 1.9%CVE-2021-21359MEDIUMDenial of Service in Page Error HandlingEPSS 1.7%CVE-2022-30633HIGHStack exhaustion when unmarshaling certain documents in encoding/xmlEPSS 1.6%CVE-2024-8176HIGHLibexpat: expat: improper restriction of xml entity expansion depth in libexpatEPSS 1.6%CVE-2021-3997A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nestedEPSS 1.6%CVE-2022-41881MEDIUMNetty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be EPSS 1.5%CVE-2023-50262MEDIUMDompdf possible DoS caused by infinite recursion when parsing SVG imagesEPSS 1.5%CVE-2025-59789HIGHApache bRPC: Stack Exhaustion via Unbounded Recursion in JSON ParserEPSS 1.5%CVE-2022-28773Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial EPSS 1.4%CVE-2024-28243MEDIUMKaTeX's maxExpand bypassed by \edefEPSS 1.4%CVE-2022-30635HIGHStack exhaustion when decoding certain messages in encoding/gobEPSS 1.4%CVE-2022-31052MEDIUMURL previews can crash Synapse media repositories or Synapse monolithsEPSS 1.4%CVE-2023-24472HIGHA denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially cEPSS 1.3%CVE-2017-0886Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an error in the application logic an authenticatedEPSS 1.2%CVE-2021-43172Infinite length chain of RRDP repositoriesEPSS 1.2%CVE-2020-1898The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could causeEPSS 1.2%CVE-2024-27454HIGHorjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents.EPSS 1.2%CVE-2022-1771MEDIUMUncontrolled Recursion in vim/vimEPSS 1.2%