The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
386 vulnerabilities with CWE-674
CVE-2021-42697
HIGH
Akka HTTP Server < 10.1.15 - Denial of Service
CVSS 7.5
CVE-2021-39257
MEDIUM
NTFS-3G < 2021.8.22 - Buffer Overflow
CVSS 5.5
CVE-2021-38569
HIGH
Foxit Reader & PhantomPDF <10.1.4 - Memory Corruption
CVSS 7.5
CVE-2021-38566
HIGH
Foxit PDF Reader <11.0.1 - Memory Corruption
CVSS 7.5
CVE-2021-22144
MEDIUM
Elasticsearch < 6.8.17 - Denial of Service
CVSS 6.5
CVE-2021-36773
HIGH
Sciruby Nmatrix < 4.4.9 - Denial of Service
CVSS 7.5
CVE-2021-36154
HIGH
gRPC Swift <1.1.1 - DoS
CVSS 7.5
CVE-2021-28210
HIGH
EDK II - Buffer Overflow
CVSS 7.8
CVE-2021-3530
HIGH
GNU Binutils <2.36 - Memory Corruption
CVSS 7.5
CVE-2021-31525
MEDIUM
GO < 1.15.12 - Denial of Service
CVSS 5.9
CVE-2021-30471
MEDIUM
PoDoFo 0.9.7 - Buffer Overflow
CVSS 5.5
CVE-2021-30470
MEDIUM
PoDoFo 0.9.7 - Buffer Overflow
CVSS 5.5
CVE-2021-28903
HIGH
Cesnet Libyang < 1.0.225 - Denial of Service
CVSS 7.5
CVE-2021-27432
HIGH
OPC Foundation UA <1.4.365.48 - Buffer Overflow
CVSS 7.5
CVE-2021-27434
HIGH
Unified-automation .net Based Opc UA Client/server SDK < 3.0.7 - Information Disclosure
CVSS 7.5
CVE-2021-29615
LOW
TensorFlow <2.5.0 - Buffer Overflow
CVSS 2.5
CVE-2021-29591
HIGH
Google Tensorflow < 2.1.4 - Infinite Loop
CVSS 7.3
CVE-2021-21359
MEDIUM
TYPO3 <9.5.25, 10.4.14, 11.1.1 - DoS
CVSS 5.9
CVE-2021-20255
MEDIUM
Qemu - Infinite Loop
CVSS 5.5
CVE-2021-28040
HIGH
OSSEC 3.6.0 - Memory Corruption
CVSS 7.5
CVE-2020-23804
HIGH
poppler 0.89.0 - DoS
CVSS 7.5
CVE-2020-36691
MEDIUM
Linux kernel <5.8 - DoS
CVSS 5.5
CVE-2020-18898
MEDIUM
Exiv2 <0.27 - DoS
CVSS 6.5
CVE-2020-20213
MEDIUM
Mikrotik Routeros - Denial of Service
CVSS 6.5
CVE-2020-36375
MEDIUM
Cesanta Mjs - Denial of Service
CVSS 5.5
Details
Vulnerabilities
386