Total
402 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14326 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. | |||||
| CVE-2017-7624 | 1 Entropymine | 1 Imageworsener | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file. | |||||
| CVE-2017-0719 | 1 Google | 1 Android | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273673. | |||||
| CVE-2017-12428 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c. | |||||
| CVE-2017-1786 | 1 Ibm | 1 Websphere Mq | 2019-10-03 | 3.5 LOW | 5.3 MEDIUM |
| IBM WebSphere MQ 8.0 through 8.0.0.8 and 9.0 through 9.0.4 under special circumstances could allow an authenticated user to consume all resources due to a memory leak resulting in service loss. IBM X-Force ID: 136975. | |||||
| CVE-2017-13234 | 1 Google | 1 Android | 2019-10-03 | 7.1 HIGH | 6.5 MEDIUM |
| In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. This could lead to remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68159767. | |||||
| CVE-2017-13196 | 1 Google | 1 Android | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63522067. | |||||
| CVE-2018-7727 | 2 Redhat, Zziplib Project | 4 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation and 1 more | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack. | |||||
| CVE-2017-14431 | 1 Xen | 1 Xen | 2019-10-03 | 4.9 MEDIUM | 5.5 MEDIUM |
| Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207. | |||||
| CVE-2017-17329 | 1 Huawei | 2 Viewpoint 8660, Viewpoint 8660 Firmware | 2019-10-03 | 2.1 LOW | 3.3 LOW |
| Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system service abnormal since run out of memory. | |||||
| CVE-2017-14684 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 7.1 HIGH | 6.5 MEDIUM |
| In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file. | |||||
| CVE-2017-2315 | 1 Juniper | 1 Junos | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| On Juniper Networks EX Series Ethernet Switches running affected Junos OS versions, a vulnerability in IPv6 processing has been discovered that may allow a specially crafted IPv6 Neighbor Discovery (ND) packet destined to an EX Series Ethernet Switch to cause a slow memory leak. A malicious network-based packet flood of these crafted IPv6 NDP packets may eventually lead to resource exhaustion and a denial of service. The affected Junos OS versions are: 12.3 prior to 12.3R12-S4, 12.3R13; 13.3 prior to 13.3R10; 14.1 prior to 14.1R8-S3, 14.1R9; 14.1X53 prior ro 14.1X53-D12, 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R6-S4, 14.2R7-S6, 14.2R8; 15.1 prior to 15.1R5; 16.1 before 16.1R3; 16.2 before 16.2R1-S3, 16.2R2. 17.1R1 and all subsequent releases have a resolution for this vulnerability. | |||||
| CVE-2018-19760 | 1 Libconfuse Project | 1 Libconfuse | 2019-10-03 | 6.8 MEDIUM | 8.8 HIGH |
| cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak. | |||||
| CVE-2017-7942 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | |||||
| CVE-2017-9261 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |||||
| CVE-2017-8354 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |||||
| CVE-2017-11528 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. | |||||
| CVE-2017-12433 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c. | |||||
| CVE-2017-17164 | 1 Huawei | 2 Secospace Antiddos8000, Secospace Antiddos8000 Firmware | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vulnerability due to memory don't be released when the system open some function. An attacker could exploit it to cause memory leak, which may further lead to system exceptions. | |||||
| CVE-2017-14970 | 1 Openvswitch | 1 Openvswitch | 2019-10-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages. NOTE: the vendor disputes the relevance of this report, stating "it can only be triggered by an OpenFlow controller, but OpenFlow controllers have much more direct and powerful ways to force Open vSwitch to allocate memory, such as by inserting flows into the flow table." | |||||