The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
386 vulnerabilities with CWE-674
CVE-2022-46405
HIGH
Mastodon <4.0.2 - DoS
CVSS 7.5
CVE-2022-42321
MEDIUM
Xenstore - DoS
CVSS 6.5
CVE-2022-27810
HIGH
Hermes <0.12.0 - XSS
CVSS 7.5
CVE-2022-31628
LOW
PHP <7.4.31, 8.0.24, 8.1.11 - Use After Free
CVSS 2.3
CVE-2022-28201
MEDIUM
MediaWiki <1.35.6-1.37.2 - Info Disclosure
CVSS 4.4
CVE-2022-40150
MEDIUM
Jettison < 1.4.0 - Denial of Service
CVSS 6.5
CVE-2022-38334
MEDIUM
XPDF <4.04 - Buffer Overflow
CVSS 5.5
CVE-2022-3222
MEDIUM
gpac/gpac <2.1.0-DEV - RCE
CVSS 5.5
CVE-2022-3216
MEDIUM
Nintendo Game Boy Color - Memory Corruption
CVSS 5.0
CVE-2022-23460
MEDIUM
Hjiang Json++ - Denial of Service
CVSS 5.9
CVE-2022-20382
MEDIUM
Android - Buffer Overflow
CVSS 6.7
CVE-2022-30635
HIGH
Go <1.17.12, <1.18.4 - Use After Free
CVSS 7.5
CVE-2022-30633
HIGH
Go <1.17.12, <1.18.4 - Use After Free
CVSS 7.5
CVE-2022-30632
HIGH
Go <1.17.12, <1.18.4 - Use After Free
CVSS 7.5
CVE-2022-30631
HIGH
Go <1.17.12, <1.18.4 - Use After Free
CVSS 7.5
CVE-2022-30630
HIGH
io/fs <1.17.12, 1.18.4 - Use After Free
CVSS 7.5
CVE-2022-28131
HIGH
Go <1.17.12, 1.18.4 - Use After Free
CVSS 7.5
CVE-2022-1962
MEDIUM
Go <1.17.12, <1.18.4 - Memory Corruption
CVSS 5.5
CVE-2022-37315
HIGH
graphql-go <0.8.0 - Info Disclosure
CVSS 7.5
CVE-2022-31173
HIGH
Juniper <0.15.10 - Use After Free
CVSS 7.5
CVE-2022-31052
MEDIUM
Synapse <1.61.1 - Stack Exhaustion
CVSS 6.5
CVE-2022-31099
MEDIUM
rulex - DoS
CVSS 6.5
CVE-2022-31019
HIGH
Vapor - Buffer Overflow
CVSS 7.5
CVE-2022-1771
MEDIUM
vim/vim <8.2.4975 - RCE
CVSS 5.5
CVE-2022-30974
MEDIUM
Artifex MuJS <1.2.0 - Buffer Overflow
CVSS 5.5
Details
Vulnerabilities
386