Total
1585 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-8929 | 2 Libarchive, Suse | 4 Libarchive, Linux Enterprise Desktop, Linux Enterprise Server and 1 more | 2025-04-12 | N/A |
| Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file. | ||||
| CVE-2015-0206 | 2 Openssl, Redhat | 2 Openssl, Enterprise Linux | 2025-04-12 | N/A |
| Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection. | ||||
| CVE-2016-9913 | 1 Qemu | 1 Qemu | 2025-04-12 | 6.5 Medium |
| Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) via vectors involving the order of resource cleanup. | ||||
| CVE-2016-9914 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 6.5 Medium |
| Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations. | ||||
| CVE-2015-3195 | 9 Apple, Canonical, Debian and 6 more | 28 Mac Os X, Ubuntu Linux, Debian Linux and 25 more | 2025-04-12 | 5.3 Medium |
| The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. | ||||
| CVE-2016-9915 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 6.5 Medium |
| Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend. | ||||
| CVE-2016-5400 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 4.6 Medium |
| Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations. | ||||
| CVE-2016-9916 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 6.5 Medium |
| Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend. | ||||
| CVE-2015-8631 | 5 Debian, Mit, Opensuse and 2 more | 12 Debian Linux, Kerberos 5, Leap and 9 more | 2025-04-12 | 6.5 Medium |
| Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name. | ||||
| CVE-2025-30658 | 2025-04-11 | 7.5 High | ||
| A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On all SRX platforms with Anti-Virus enabled, if a server sends specific content in the HTTP body of a response to a client request, these packets are queued by Anti-Virus processing in Juniper Buffers (jbufs) which are never released. When these jbufs are exhausted, the device stops forwarding all transit traffic. A jbuf memory leak can be noticed from the following logs: (<node>.)<fpc> Warning: jbuf pool id <#> utilization level (<current level>%) is above <threshold>%! To recover from this issue, the affected device needs to be manually rebooted to free the leaked jbufs. This issue affects Junos OS on SRX Series: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S3, * 24.2 versions before 24.2R2. | ||||
| CVE-2025-30647 | 2025-04-11 | 6.5 Medium | ||
| A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario, login/logout activity triggers a memory leak, and the leaked memory gradually increments and eventually results in a crash. user@host> show chassis fpc Temp CPU Utilization (%) CPU Utilization (%) Memory Utilization (%) Slot State (C) Total Interrupt 1min 5min 15min DRAM (MB) Heap Buffer 2 Online 36 10 0 9 8 9 32768 26 0 This issue affects Junos OS on MX Series: * All versions before 21.2R3-S9 * from 21.4 before 21.4R3-S10 * from 22.2 before 22.2R3-S6 * from 22.4 before 22.4R3-S5 * from 23.2 before 23.2R2-S3 * from 23.4 before 23.4R2-S3 * from 24.2 before 24.2R2. | ||||
| CVE-2024-39539 | 1 Juniper | 21 Junos, Mx, Mx10 and 18 more | 2025-04-11 | 5.3 Medium |
| A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart. This issue affects Junos OS on MX Series: * All version before 21.2R3-S6, * 21.4 versions before 21.4R3-S6, * 22.1 versions before 22.1R3-S5, * 22.2 versions before 22.2R3-S3, * 22.3 versions before 22.3R3-S2, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R2. | ||||
| CVE-2010-4746 | 1 Fedoraproject | 1 389 Directory Server | 2025-04-11 | N/A |
| Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of service (memory consumption) via "badly behaved applications," related to (1) Slapi_Attr mishandling in the DN normalization code and (2) pointer mishandling in the syntax normalization code, a different issue than CVE-2011-0019. | ||||
| CVE-2013-4592 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service (memory consumption) by leveraging certain device access to trigger movement of memory slots. | ||||
| CVE-2012-3954 | 4 Canonical, Debian, Isc and 1 more | 4 Ubuntu Linux, Debian Linux, Dhcp and 1 more | 2025-04-11 | N/A |
| Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. | ||||
| CVE-2010-3078 | 6 Canonical, Linux, Opensuse and 3 more | 7 Ubuntu Linux, Linux Kernel, Opensuse and 4 more | 2025-04-11 | 5.5 Medium |
| The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. | ||||
| CVE-2010-2942 | 7 Avaya, Canonical, Linux and 4 more | 15 Aura Communication Manager, Aura Presence Services, Aura Session Manager and 12 more | 2025-04-11 | 5.5 Medium |
| The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c. | ||||
| CVE-2006-7244 | 1 Libpng | 1 Libpng | 2025-04-11 | N/A |
| Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. | ||||
| CVE-2012-0789 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-04-11 | N/A |
| Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache. | ||||
| CVE-2012-1148 | 3 Apple, Libexpat Project, Redhat | 4 Mac Os X, Libexpat, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. | ||||