Filtered by CWE-401
Filtered by vendor Subscriptions
Total 914 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-1576 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux, Enterprise Mrg and 2 more 2024-11-21 N/A
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.
CVE-2011-1490 3 Debian, Opensuse, Rsyslog 3 Debian Linux, Opensuse, Rsyslog 2024-11-21 5.5 Medium
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset
CVE-2011-1489 3 Debian, Opensuse, Rsyslog 3 Debian Linux, Opensuse, Rsyslog 2024-11-21 5.5 Medium
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.
CVE-2011-1488 3 Debian, Opensuse, Rsyslog 3 Debian Linux, Opensuse, Rsyslog 2024-11-21 5.5 Medium
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time.
CVE-2011-1468 2 Php, Redhat 2 Php, Enterprise Linux 2024-11-21 N/A
Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
CVE-2010-4746 1 Fedoraproject 1 389 Directory Server 2024-11-21 N/A
Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of service (memory consumption) via "badly behaved applications," related to (1) Slapi_Attr mishandling in the DN normalization code and (2) pointer mishandling in the syntax normalization code, a different issue than CVE-2011-0019.
CVE-2010-4250 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files.
CVE-2010-3078 6 Canonical, Linux, Opensuse and 3 more 7 Ubuntu Linux, Linux Kernel, Opensuse and 4 more 2024-11-21 5.5 Medium
The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call.
CVE-2010-2942 7 Avaya, Canonical, Linux and 4 more 15 Aura Communication Manager, Aura Presence Services, Aura Session Manager and 12 more 2024-11-21 5.5 Medium
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.
CVE-2010-2249 9 Apple, Canonical, Debian and 6 more 13 Iphone Os, Itunes, Safari and 10 more 2024-11-21 6.5 Medium
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
CVE-2009-5063 1 Libpng 1 Libpng 2024-11-21 N/A
Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244.
CVE-2009-4355 2 Openssl, Redhat 3 Openssl, Enterprise Linux, Openssl 2024-11-21 N/A
Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
CVE-2009-3228 3 Canonical, Linux, Redhat 8 Ubuntu Linux, Linux Kernel, Enterprise Linux and 5 more 2024-11-21 N/A
The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.
CVE-2009-1632 2 Ipsec-tools, Redhat 2 Ipsec-tools, Enterprise Linux 2024-11-21 N/A
Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c.
CVE-2009-1378 3 Canonical, Openssl, Redhat 3 Ubuntu Linux, Openssl, Enterprise Linux 2024-11-21 N/A
Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."
CVE-2009-1341 2 Debian, Redhat 2 Libdbd-pg-perl, Enterprise Linux 2024-11-21 N/A
Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA columns.
CVE-2009-0581 5 Gimp, Littlecms, Mozilla and 2 more 5 Gimp, Little Cms, Firefox and 2 more 2024-11-21 N/A
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.
CVE-2008-6218 1 Libpng 1 Libpng 2024-11-21 N/A
Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file.
CVE-2008-4298 1 Lighttpd 1 Lighttpd 2024-11-21 N/A
Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers.
CVE-2008-3913 2 Clamav, Debian 2 Clamav, Debian Linux 2024-11-21 N/A
Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".