Total
620 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-6458 | 1 Gnu | 1 Recutils | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a. | |||||
| CVE-2019-6457 | 1 Gnu | 1 Recutils | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a. | |||||
| CVE-2019-19083 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2020-08-24 | 4.7 MEDIUM | 4.7 MEDIUM |
| Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1. | |||||
| CVE-2019-15921 | 2 Linux, Opensuse | 2 Linux Kernel, Leap | 2020-08-24 | 4.7 MEDIUM | 4.7 MEDIUM |
| An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. | |||||
| CVE-2019-5540 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2020-08-24 | 4.0 MEDIUM | 7.7 HIGH |
| VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an information disclosure vulnerability in vmnetdhcp. Successful exploitation of this issue may allow an attacker on a guest VM to disclose sensitive information by leaking memory from the host process. | |||||
| CVE-2019-6608 | 1 F5 | 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more | 2020-08-24 | 7.1 HIGH | 5.9 MEDIUM |
| On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests. | |||||
| CVE-2019-6647 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2020-08-24 | 4.3 MEDIUM | 5.3 MEDIUM |
| On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, when processing authentication attempts for control-plane users MCPD leaks a small amount of memory. Under rare conditions attackers with access to the management interface could eventually deplete memory on the system. | |||||
| CVE-2019-7732 | 1 Live555 | 1 Streaming Media | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed. | |||||
| CVE-2019-6459 | 1 Gnu | 1 Recutils | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a. | |||||
| CVE-2019-6138 | 1 Mz-automation | 1 Libiec61850 | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as demonstrated by iec61850_9_2_LE_example.c. | |||||
| CVE-2019-18807 | 1 Linux | 1 Linux Kernel | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11. | |||||
| CVE-2019-19077 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14. | |||||
| CVE-2020-8916 | 1 Openthread | 1 Wpantund | 2020-07-16 | 2.1 LOW | 5.5 MEDIUM |
| A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver (eg: debug environments) can allow an attacker to crash the service (DoS). We recommend updating, or to restrict access in your debug environments. | |||||
| CVE-2019-20888 | 1 Mattermost | 1 Mattermost Server | 2020-06-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attackers to cause a denial of service (memory consumption) via an outgoing webhook or a slash command integration. | |||||
| CVE-2018-21079 | 1 Google | 1 Android | 2020-04-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018). | |||||
| CVE-2020-3914 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2020-04-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. An application may be able to read restricted memory. | |||||
| CVE-2001-0543 | 1 Microsoft | 3 Exchange Server, Windows 2000, Windows Nt | 2020-04-02 | 5.0 MEDIUM | N/A |
| Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts. | |||||
| CVE-2020-10840 | 2 Google, Samsung | 2 Android, Exynos 9610 | 2020-03-26 | 3.6 LOW | 7.1 HIGH |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 9610 chipsets) software. There is a kernel pointer leak in the vipx driver. The Samsung ID is SVE-2019-16293 (February 2020). | |||||
| CVE-2017-15094 | 1 Powerdns | 1 Recursor | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default). | |||||
| CVE-2017-7654 | 2 Debian, Eclipse | 2 Debian Linux, Mosquitto | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker. | |||||