ReportizFlow
Filtered by vendor
Subscriptions
Total
963 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-44961 | 1 Slic3r | 1 Libslic3r | 2024-11-21 | 5.5 Medium |
| A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. Specially crafted stl files can exhaust available memory. An attacker can provide malicious files to trigger this vulnerability. | ||||
| CVE-2021-44542 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A memory leak vulnerability was found in Privoxy when handling errors. | ||||
| CVE-2021-44541 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freeing header memory when failing to get the request destination. | ||||
| CVE-2021-44540 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing. | ||||
| CVE-2021-42523 | 1 Colord Project | 1 Colord | 2024-11-21 | 7.5 High |
| There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use, while libxml2 emphasizes that the caller needs to release it. | ||||
| CVE-2021-42522 | 1 Gnome | 1 Anjuta | 2024-11-21 | 7.5 High |
| There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. This issue was caused by the incorrect use of libxml2 API. The vendor forgot to call 'g_free()' to release the return value of 'xmlGetProp()'. | ||||
| CVE-2021-42218 | 1 Rice | 1 Open Motion Planning Library | 2024-11-21 | 7.5 High |
| OMPL v1.5.2 contains a memory leak in VFRRT.cpp | ||||
| CVE-2021-42197 | 1 Swftools | 1 Swftools | 2024-11-21 | 7.8 High |
| An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used. It allows an attacker to cause code execution. | ||||
| CVE-2021-41959 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak. | ||||
| CVE-2021-41690 | 1 Offis | 1 Dcmtk | 2024-11-21 | 7.5 High |
| DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack. | ||||
| CVE-2021-41687 | 1 Offis | 1 Dcmtk | 2024-11-21 | 7.5 High |
| DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack. | ||||
| CVE-2021-41490 | 1 Rice | 1 Open Motion Planning Library | 2024-11-21 | 7.5 High |
| Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior. | ||||
| CVE-2021-41229 | 3 Bluez, Debian, Redhat | 3 Bluez, Debian Linux, Enterprise Linux | 2024-11-21 | 4.3 Medium |
| BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously sending sdp packets and this may cause the service of the target device to crash. | ||||
| CVE-2021-41145 | 1 Freeswitch | 1 Freeswitch | 2024-11-21 | 8.6 High |
| FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. FreeSWITCH prior to version 1.10.7 is susceptible to Denial of Service via SIP flooding. When flooding FreeSWITCH with SIP messages, it was observed that after a number of seconds the process was killed by the operating system due to memory exhaustion. By abusing this vulnerability, an attacker is able to crash any FreeSWITCH instance by flooding it with SIP messages, leading to Denial of Service. The attack does not require authentication and can be carried out over UDP, TCP or TLS. This issue was patched in version 1.10.7. | ||||
| CVE-2021-40633 | 1 Giflib Project | 1 Giflib | 2024-11-21 | 8.8 High |
| A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file. | ||||
| CVE-2021-40047 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.5 High |
| There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity. | ||||
| CVE-2021-3905 | 4 Canonical, Fedoraproject, Openvswitch and 1 more | 5 Ubuntu Linux, Fedora, Openvswitch and 2 more | 2024-11-21 | 7.5 High |
| A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. | ||||
| CVE-2021-3764 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3744 | 5 Debian, Fedoraproject, Linux and 2 more | 24 Debian Linux, Fedora, Linux Kernel and 21 more | 2024-11-21 | 5.5 Medium |
| A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. | ||||
| CVE-2021-3736 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| A flaw was found in the Linux kernel. A memory leak problem was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O (VFIO) Mediated devices. This flaw could allow a local attacker to leak internal kernel information. | ||||