CWE-835 · Loop with Unreachable Exit Condition (Infinite Loop)
840 CVEs classified under CWE-835 (Loop with Unreachable Exit Condition (Infinite Loop)). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-19307 | Critical | 9.8 | 2019-11-26 | An integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS (infinite loop), or possibly cause an out-of-… |
CVE-2018-20784 | Critical | 9.8 | 2019-02-22 | In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_b… |
CVE-2017-12997 | Critical | 9.8 | 2017-09-14 | The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print(). |
CVE-2017-12995 | Critical | 9.8 | 2017-09-14 | The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print(). |
CVE-2017-12990 | Critical | 9.8 | 2017-09-14 | The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions. |
CVE-2026-31448 | Critical | 9.4 | 2026-04-22 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping… |
CVE-2021-42143 | Critical | 9.1 | 2024-01-24 | An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake messag… |
CVE-2025-55118 | High | 8.9 | 2025-09-16 | Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: *… |
CVE-2026-25533 | High | 8.8 | 2026-02-06 | Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficie… |
CVE-2025-53628 | High | 8.8 | 2025-07-10 | cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.20.1, cpp-httplib does not have a limit for a unique line, permitt… |
CVE-2018-8002 | High | 8.8 | 2018-03-09 | In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow… |
CVE-2025-20253 | High | 8.6 | 2025-08-14 | A vulnerability in the IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall ASA Software, and Secure FTD Software could allow an unauthenticat… |
CVE-2025-20243 | High | 8.6 | 2025-08-14 | A vulnerability in the management and VPN web servers of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote atta… |
CVE-2025-20217 | High | 8.6 | 2025-08-14 | A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an un… |
CVE-2025-20136 | High | 8.6 | 2025-08-14 | A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation (NAT) DNS inspection for Cisco Secure Firewall Adaptive Security Applia… |
CVE-2024-20353 | High | 8.6 | 2024-04-24 | A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software co… |
CVE-2023-20083 | High | 8.6 | 2023-11-01 | A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthe… |
CVE-2023-20020 | High | 8.6 | 2023-01-20 | A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform c… |
CVE-2025-68137 | High | 8.3 | 2026-01-21 | EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in `SdpPacket::parse_header()` allows the current buffer le… |
CVE-2024-25710 | High | 8.1 | 2024-02-19 | Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1… |