Search
Total
134 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2700 | 1 Huawei | 4 Ac6005, Ac6005 Firmware, Ac6605 and 1 more | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS attacks. | |||||
| CVE-2017-5997 | 1 Sap | 1 Sap Kernel | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972. | |||||
| CVE-2017-6135 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory (OOM) conditions. | |||||
| CVE-2017-6384 | 1 Atheme | 1 Atheme | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8. | |||||
| CVE-2017-7392 | 1 Tigervnc | 1 Tigervnc | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server. | |||||
| CVE-2017-7396 | 1 Tigervnc | 1 Tigervnc | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server. | |||||
| CVE-2017-7654 | 2 Debian, Eclipse | 2 Debian Linux, Mosquitto | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker. | |||||
| CVE-2017-8280 | 1 Google | 1 Android | 2019-10-03 | 5.1 MEDIUM | 7.0 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch. | |||||
| CVE-2018-1000215 | 1 Cjson Project | 1 Cjson | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service (DoS). This attack appear to be exploitable via If the attacker can force the data to be printed and the system is in low memory it can force a leak of memory. This vulnerability appears to have been fixed in 1.7.7. | |||||
| CVE-2018-11097 | 1 Cstring Project | 1 Cstring | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash. | |||||
| CVE-2018-12093 | 1 Tinyexr Project | 1 Tinyexr | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| tinyexr 0.9.5 has a memory leak in ParseEXRHeaderFromMemory in tinyexr.h. | |||||
| CVE-2018-13066 | 1 Libming | 1 Libming | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a memory leak in util/parser.c in libming 0.4.8, which will lead to a denial of service via parseSWF_DEFINEBUTTON2, parseSWF_DEFINEFONT, parseSWF_DEFINEFONTINFO, parseSWF_DEFINELOSSLESS, parseSWF_DEFINESPRITE, parseSWF_DEFINETEXT, parseSWF_DOACTION, parseSWF_FILLSTYLEARRAY, parseSWF_FRAMELABEL, parseSWF_LINESTYLEARRAY, parseSWF_PLACEOBJECT2, or parseSWF_SHAPEWITHSTYLE. | |||||
| CVE-2018-13420 | 1 Gperftools Project | 1 Gperftools | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** Google gperftools 2.7 has a memory leak in malloc_extension.cc, related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program. | |||||
| CVE-2018-13843 | 1 Htslib | 1 Htslib | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue. | |||||
| CVE-2018-14072 | 1 Libsixel Project | 1 Libsixel | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c. | |||||
| CVE-2018-14073 | 1 Libsixel Project | 1 Libsixel | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c. | |||||
| CVE-2018-16807 | 1 Bro | 1 Bro | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser. | |||||
| CVE-2018-17332 | 1 Libsvg2 Project | 1 Libsvg2 | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls. | |||||
| CVE-2018-19760 | 1 Libconfuse Project | 1 Libconfuse | 2019-10-03 | 6.8 MEDIUM | 8.8 HIGH |
| cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak. | |||||
| CVE-2018-1999043 | 1 Jenkins | 1 Jenkins | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials. | |||||
| CVE-2018-5179 | 1 Mozilla | 1 Firefox | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60. | |||||
| CVE-2018-5527 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory. As a result, system memory usage increases over time, which may eventually cause a decrease in performance or a system reboot due to memory exhaustion. | |||||
| CVE-2018-5536 | 1 F5 | 1 Big-ip Access Policy Manager | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module. | |||||
| CVE-2018-7994 | 1 Huawei | 7 Ips Module, Ngfw Module, Nip6300 and 4 more | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory. | |||||
| CVE-2018-9268 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak. | |||||
| CVE-2018-9269 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak. | |||||
| CVE-2018-9270 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak. | |||||
| CVE-2018-9265 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak. | |||||
| CVE-2018-9266 | 1 Wireshark | 1 Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-isup.c has a memory leak. | |||||
| CVE-2018-9267 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak. | |||||
| CVE-2018-9271 | 1 Wireshark | 1 Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak. | |||||
| CVE-2018-9272 | 1 Wireshark | 1 Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak. | |||||
| CVE-2018-9273 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak. | |||||
| CVE-2018-9274 | 1 Wireshark | 1 Wireshark | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak. | |||||