ReportizFlow
Filtered by vendor
Subscriptions
Total
964 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-20046 | 2 Google, Mediatek | 7 Android, Mt8167, Mt8175 and 4 more | 2024-11-21 | 5.5 Medium |
| In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410. | ||||
| CVE-2022-1651 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.1 High |
| A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service. | ||||
| CVE-2022-1515 | 1 Matio Project | 1 Matio | 2024-11-21 | 5.5 Medium |
| A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS. | ||||
| CVE-2022-1473 | 3 Netapp, Openssl, Redhat | 44 A250, A250 Firmware, A700s and 41 more | 2024-11-21 | 7.5 High |
| The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will expand without bounds and the process might be terminated by the operating system causing a denial of service. Also traversing the empty hash table entries will take increasingly more time. Typically such long lived processes might be TLS clients or TLS servers configured to accept client certificate authentication. The function was added in the OpenSSL 3.0 version thus older releases are not affected by the issue. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). | ||||
| CVE-2022-1012 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Rhel E4s and 2 more | 2024-11-21 | 8.2 High |
| A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. | ||||
| CVE-2022-0854 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 5.5 Medium |
| A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. | ||||
| CVE-2022-0853 | 1 Redhat | 6 Descision Manager, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Expansion Pack and 3 more | 2024-11-21 | 7.5 High |
| A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability. | ||||
| CVE-2022-0812 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.3 Medium |
| An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information. | ||||
| CVE-2022-0742 | 2 Linux, Netapp | 27 Linux Kernel, A400, A400 Firmware and 24 more | 2024-11-21 | 9.1 Critical |
| Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc. | ||||
| CVE-2021-4213 | 3 Debian, Dogtagpki, Redhat | 4 Debian Linux, Network Security Services For Java, Certificate System and 1 more | 2024-11-21 | 7.5 High |
| A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service. | ||||
| CVE-2021-4135 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data. | ||||
| CVE-2021-4002 | 5 Debian, Fedoraproject, Linux and 2 more | 7 Debian Linux, Fedora, Linux Kernel and 4 more | 2024-11-21 | 4.4 Medium |
| A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data. | ||||
| CVE-2021-46854 | 1 Proftpd | 1 Proftpd | 2024-11-21 | 7.5 High |
| mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters. | ||||
| CVE-2021-46481 | 1 Jsish | 1 Jsish | 2024-11-21 | 5.5 Medium |
| Jsish v3.5.0 was discovered to contain a memory leak via linenoise at src/linenoise.c. | ||||
| CVE-2021-46142 | 4 Debian, Fedoraproject, Opensuse and 1 more | 7 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 4 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. | ||||
| CVE-2021-46141 | 4 Debian, Fedoraproject, Opensuse and 1 more | 7 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 4 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. | ||||
| CVE-2021-46082 | 1 Moxa | 12 Mgate 5101-pbm-mn, Mgate 5101-pbm-mn-t, Mgate 5101-pbm-mn-t Firmware and 9 more | 2024-11-21 | 7.5 High |
| Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets. | ||||
| CVE-2021-45481 | 2 Redhat, Webkitgtk | 2 Enterprise Linux, Webkitgtk | 2024-11-21 | 6.5 Medium |
| In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. | ||||
| CVE-2021-45480 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances. | ||||
| CVE-2021-45346 | 2 Netapp, Sqlite | 2 Ontap Select Deploy Administration Utility, Sqlite | 2024-11-21 | 4.3 Medium |
| A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect. | ||||