CWE-834 · Excessive Iteration
57 CVEs classified under CWE-834 (Excessive Iteration). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-12587 | High | 8.8 | 2017-08-06 | ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c. |
CVE-2025-67726 | High | 7.5 | 2025-12-12 | Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and below use an inefficient algorithm when parsing parameters for HTTP h… |
CVE-2025-6714 | High | 7.5 | 2025-07-07 | MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured… |
CVE-2024-4227 | High | 7.5 | 2025-01-15 | In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID… |
CVE-2023-5632 | High | 7.5 | 2023-10-18 | In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, w… |
CVE-2023-33953 | High | 7.5 | 2023-08-09 | gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Th… |
CVE-2023-26513 | High | 7.5 | 2023-03-20 | Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before… |
CVE-2021-39204 | High | 7.5 | 2021-09-09 | Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive compl… |
CVE-2017-11409 | High | 7.5 | 2017-07-18 | In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different i… |
CVE-2017-11188 | High | 7.5 | 2017-07-12 | The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related t… |
CVE-2024-8049 | Medium | 6.5 | 2024-11-13 | In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106), importing a document with unsupported features can lead to excessiv… |
CVE-2018-20805 | Medium | 6.5 | 2020-11-23 | A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affe… |
CVE-2017-17914 | Medium | 6.5 | 2017-12-27 | In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (Re… |
CVE-2017-14222 | Medium | 6.5 | 2017-09-09 | In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafte… |
CVE-2017-14175 | Medium | 6.5 | 2017-09-07 | In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted… |
CVE-2017-14174 | Medium | 6.5 | 2017-09-07 | In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a… |
CVE-2017-14172 | Medium | 6.5 | 2017-09-07 | In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PS… |
CVE-2017-14171 | Medium | 6.5 | 2017-09-07 | In libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. W… |
CVE-2017-14170 | Medium | 6.5 | 2017-09-07 | In libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause huge CPU consumptio… |
CVE-2017-14059 | Medium | 6.5 | 2017-08-31 | In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims a… |