Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-834

CWE-834

Excessive Iteration

Parent: CWE-691 - Insufficient Control Flow Management

The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.

107 vulnerabilities with CWE-834

CVE-2026-45680 MEDIUM

OpenTelemetry eBPF Instrumentation: Unbounded BPF internal metrics replay can exhaust CPU

CVE-2026-48156 LOW

pypdf: Possible long runtimes for zero-only width values in cross-reference streams

CVE-2026-41313 MEDIUM

pypdf: Possible long runtimes for wrong size values in incremental mode

CVE-2026-41168 MEDIUM

pypdf has possible long runtimes for wrong size values in cross-reference and object streams

CVE-2026-40347 MEDIUM

Python-Multipart affected by Denial of Service via large multipart preamble or epilogue data

CVE-2026-34043 MEDIUM

Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects

CVE-2026-27025 MEDIUM

pypdf < 6.7.1 - Denial of Service via Malicious /ToUnicode Font Entry

CVE-2025-67726 HIGH

Tornado < 6.5.3 - Denial of Service via HTTP Header Parameter Parsing

CVE-2025-55181 MEDIUM

proxygen 2025.08.25.00-2025.12.01.00 - Denial of Service via HTTP Request/Response Body

CVE-2025-62707 HIGH

pypdf < 6.1.3 - Denial of Service via DCTDecode Inline Image Parsing

CVE-2025-56571 HIGH

finance.js 4.1.0 - Denial of Service via IRR Function Depth Parameter

CVE-2025-6714 HIGH

MongoDB 6.0.0-6.0.22 - Denial of Service via Incomplete Data Handling in mongos

CVE-2024-4227 HIGH

Genivia gSOAP 2.8.24-2.8.131 - Unauthenticated Denial of Service via Duplicate XML ID Attributes

CVE-2024-8049 MEDIUM

Telerik Document Processing <2024.4.1106 - DoS

CVE-2024-42237 MEDIUM

Linux Kernel < 5.16 - Denial of Service via Firmware Payload Length Validation

CVE-2024-42071 MEDIUM

Linux Kernel - Excessive Iteration via NAPI Context Mismanagement

CVE-2024-4603 MEDIUM

OpenSSL 3.0.0-3.0.13, 3.1.0-3.1.5, 3.2.0-3.2.1, 3.3.0 - Denial of Service via DSA Key Parameter Check

CVE-2024-0842 HIGH

Backuply - Backup, Restore, Migrate and Clone <1.2.5 - DoS

CVE-2024-25144 MEDIUM

Liferay Portal/DXP <7.4.3.26-7.2 - DoS

CVE-2023-49316 HIGH

phpseclib 3.0.0-3.0.33 - Denial of Service via Excessive Iteration in Math/BinaryField.php

CVE-2023-4043 MEDIUM

Eclipse Parsson <1.1.4-1.0.5 - Info Disclosure

CVE-2023-5632 HIGH

Eclipse Mosquitto <= 2.0.5 - Denial of Service via EPOLLOUT Event Handling

CVE-2023-33953 HIGH

gRPC < 1.53.2 - Denial of Service via HPACK Parser Memory and CPU Exhaustion

CVE-2023-29407 MEDIUM

golang/image < 0.10.0 - Excessive Iteration via Malicious Tiled Image

CVE-2023-3817 MEDIUM

OpenSSL 3.0.0-3.0.9 - Denial of Service via DH Parameter Check

Page 1 of 5 Next

Details

Vulnerabilities 107

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy