Search
Total
404 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-9105 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2020-10-15 | 2.1 LOW | 6.0 MEDIUM |
| Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object. | |||||
| CVE-2016-9102 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-10-15 | 2.1 LOW | 6.0 MEDIUM |
| Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number. | |||||
| CVE-2016-9106 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2020-10-15 | 2.1 LOW | 6.0 MEDIUM |
| Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector. | |||||
| CVE-2017-9143 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2020-10-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file. | |||||
| CVE-2017-5507 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2020-10-15 | 7.8 HIGH | 7.5 HIGH |
| Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. | |||||
| CVE-2017-12669 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c. | |||||
| CVE-2017-12668 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. | |||||
| CVE-2017-12663 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c. | |||||
| CVE-2017-12662 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c. | |||||
| CVE-2017-12644 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c. | |||||
| CVE-2017-13146 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c. | |||||
| CVE-2017-11447 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service. | |||||
| CVE-2017-12641 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c. | |||||
| CVE-2017-12665 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c. | |||||
| CVE-2017-12664 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c. | |||||
| CVE-2017-12666 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c. | |||||
| CVE-2017-12667 | 1 Imagemagick | 1 Imagemagick | 2020-10-14 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c. | |||||
| CVE-2018-19139 | 3 Debian, Jasper Project, Redhat | 3 Debian Linux, Jasper, Fedora | 2020-09-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c. | |||||
| CVE-2018-20622 | 2 Debian, Jasper Project | 2 Debian Linux, Jasper | 2020-09-25 | 4.3 MEDIUM | 6.5 MEDIUM |
| JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used. | |||||
| CVE-2015-8568 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-09-10 | 4.7 MEDIUM | 6.5 MEDIUM |
| Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. | |||||
| CVE-2017-7377 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-09-10 | 2.1 LOW | 6.0 MEDIUM |
| The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid. | |||||
| CVE-2017-8086 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-09-10 | 4.9 MEDIUM | 6.5 MEDIUM |
| Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable. | |||||
| CVE-2019-5671 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not release a resource after its effective lifetime has ended, which may lead to denial of service. | |||||
| CVE-2019-6474 | 1 Isc | 1 Kea | 2020-08-24 | 6.1 MEDIUM | 6.5 MEDIUM |
| A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea code, a server trying to restart will conclude that there is a problem with its lease store and give up. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2 | |||||
| CVE-2019-10520 | 1 Qualcomm | 26 Qcs405, Qcs405 Firmware, Sd 205 and 23 more | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| An unprivileged application can allocate GPU memory by calling memory allocation ioctl function and can exhaust all the memory which results in out of memory in Snapdragon Mobile, Snapdragon Voice & Music in QCS405, SD 210/SD 212/SD 205, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855 | |||||
| CVE-2009-2903 | 3 Canonical, Linux, Suse | 6 Ubuntu Linux, Linux Kernel, Linux Enterprise Debuginfo and 3 more | 2020-08-06 | 7.1 HIGH | N/A |
| Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. | |||||
| CVE-2018-19132 | 2 Debian, Squid-cache | 2 Debian Linux, Squid | 2020-07-11 | 4.3 MEDIUM | 5.9 MEDIUM |
| Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet. | |||||
| CVE-2018-16548 | 1 Zziplib Project | 1 Zziplib | 2020-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack. | |||||
| CVE-2015-7701 | 5 Debian, Netapp, Ntp and 2 more | 13 Debian Linux, Clustered Data Ontap, Data Ontap and 10 more | 2020-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption). | |||||
| CVE-2017-6414 | 1 Libcacard Project | 1 Libcacard | 2020-05-20 | 4.9 MEDIUM | 6.5 MEDIUM |
| Memory leak in the vcard_apdu_new function in card_7816.c in libcacard before 2.5.3 allows local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object. | |||||
| CVE-2019-15879 | 1 Freebsd | 1 Freebsd | 2020-05-18 | 5.8 MEDIUM | 7.4 HIGH |
| In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel memory. | |||||
| CVE-2010-4683 | 1 Cisco | 1 Ios | 2020-05-13 | 7.8 HIGH | N/A |
| Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733. | |||||
| CVE-2009-5039 | 1 Cisco | 1 Ios | 2020-05-13 | 5.0 MEDIUM | N/A |
| Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535. | |||||
| CVE-2018-20126 | 3 Canonical, Opensuse, Qemu | 3 Ubuntu Linux, Leap, Qemu | 2020-05-12 | 2.1 LOW | 5.5 MEDIUM |
| hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. | |||||
| CVE-2018-20123 | 3 Canonical, Fedoraproject, Qemu | 3 Ubuntu Linux, Fedora, Qemu | 2020-05-12 | 2.1 LOW | 5.5 MEDIUM |
| pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. | |||||
| CVE-2010-5321 | 1 Linux | 1 Linux Kernel | 2020-05-11 | 4.9 MEDIUM | 4.3 MEDIUM |
| Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf. | |||||
| CVE-2020-12134 | 1 Nanometrics | 2 Centaur, Titansma | 2020-05-06 | 7.5 HIGH | 9.8 CRITICAL |
| Nanometrics Centaur through 4.3.23 and TitanSMA through 4.2.20 mishandle access control for the syslog log. | |||||
| CVE-2018-20540 | 1 Liblas | 1 Liblas | 2020-04-25 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is memory leak at liblas::Open (liblas/liblas.hpp) in libLAS 1.8.1. | |||||
| CVE-2017-18675 | 2 Google, Samsung | 3 Android, Exynos 7420, Exynox 8890 | 2020-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) (Exynos7420 or Exynox8890 chipsets) software. The Camera application can leak uninitialized memory via ion. The Samsung ID is SVE-2016-6989 (April 2017). | |||||
| CVE-2020-9375 | 1 Tp-link | 2 Archer C5, Archer C50 | 2020-03-31 | 7.8 HIGH | 7.5 HIGH |
| TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field. | |||||
| CVE-2018-18226 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2020-03-20 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach. | |||||
| CVE-2011-4661 | 1 Cisco | 1 Ios | 2020-03-02 | 4.3 MEDIUM | 7.5 HIGH |
| A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured. | |||||
| CVE-2011-2498 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2020-02-25 | 4.9 MEDIUM | 5.5 MEDIUM |
| The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages. | |||||
| CVE-2019-19533 | 1 Linux | 1 Linux Kernel | 2020-01-18 | 2.1 LOW | 2.4 LOW |
| In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464. | |||||
| CVE-2018-11364 | 1 Wizardmac | 1 Readstat | 2019-12-02 | 5.0 MEDIUM | 7.5 HIGH |
| sav_parse_machine_integer_info_record in spss/readstat_sav_read.c in libreadstat.a in ReadStat 0.1.1 has a memory leak related to an iconv_open call. | |||||
| CVE-2011-1489 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2019-11-20 | 2.1 LOW | 5.5 MEDIUM |
| A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset. | |||||
| CVE-2011-1490 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2019-11-20 | 2.1 LOW | 5.5 MEDIUM |
| A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset | |||||
| CVE-2010-4657 | 3 Debian, Php, Redhat | 3 Debian Linux, Php, Enterprise Linux | 2019-11-20 | 5.0 MEDIUM | 7.5 HIGH |
| PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output. | |||||
| CVE-2011-1488 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2019-11-19 | 1.9 LOW | 5.5 MEDIUM |
| A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time. | |||||
| CVE-2018-20657 | 2 F5, Gnu | 2 Traffix Signaling Delivery Controller, Binutils | 2019-11-06 | 5.0 MEDIUM | 7.5 HIGH |
| The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698. | |||||