Filtered by CWE-401
Filtered by vendor Subscriptions
Total 1310 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-41490 1 Rice 1 Open Motion Planning Library 2024-11-21 7.5 High
Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior.
CVE-2021-41229 3 Bluez, Debian, Redhat 3 Bluez, Debian Linux, Enterprise Linux 2024-11-21 4.3 Medium
BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously sending sdp packets and this may cause the service of the target device to crash.
CVE-2021-41145 1 Freeswitch 1 Freeswitch 2024-11-21 8.6 High
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. FreeSWITCH prior to version 1.10.7 is susceptible to Denial of Service via SIP flooding. When flooding FreeSWITCH with SIP messages, it was observed that after a number of seconds the process was killed by the operating system due to memory exhaustion. By abusing this vulnerability, an attacker is able to crash any FreeSWITCH instance by flooding it with SIP messages, leading to Denial of Service. The attack does not require authentication and can be carried out over UDP, TCP or TLS. This issue was patched in version 1.10.7.
CVE-2021-40633 1 Giflib Project 1 Giflib 2024-11-21 8.8 High
A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file.
CVE-2021-40047 1 Huawei 3 Emui, Harmonyos, Magic Ui 2024-11-21 7.5 High
There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
CVE-2021-3905 4 Canonical, Fedoraproject, Openvswitch and 1 more 5 Ubuntu Linux, Fedora, Openvswitch and 2 more 2024-11-21 7.5 High
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
CVE-2021-3764 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 5.5 Medium
A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.
CVE-2021-3744 5 Debian, Fedoraproject, Linux and 2 more 24 Debian Linux, Fedora, Linux Kernel and 21 more 2024-11-21 5.5 Medium
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
CVE-2021-3736 1 Linux 1 Linux Kernel 2024-11-21 5.5 Medium
A flaw was found in the Linux kernel. A memory leak problem was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O (VFIO) Mediated devices. This flaw could allow a local attacker to leak internal kernel information.
CVE-2021-3690 1 Redhat 14 Camel Quarkus, Enterprise Linux, Fuse and 11 more 2024-11-21 7.5 High
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.
CVE-2021-3574 2 Fedoraproject, Imagemagick 2 Fedora, Imagemagick 2024-11-21 3.3 Low
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.
CVE-2021-3544 2 Debian, Qemu 2 Debian Linux, Qemu 2024-11-21 6.5 Medium
Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime.
CVE-2021-3492 1 Canonical 1 Ubuntu Linux 2024-11-21 8.8 High
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562.
CVE-2021-3181 4 Debian, Fedoraproject, Mutt and 1 more 4 Debian Linux, Fedora, Mutt and 1 more 2024-11-21 6.5 Medium
rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email message from the attacker can cause large memory consumption, and the victim may then be unable to see email messages from other persons.
CVE-2021-39282 1 Live555 1 Live555 2024-11-21 7.5 High
Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.
CVE-2021-39176 1 Detect-character-encoding Project 1 Detect-character-encoding 2024-11-21 7.5 High
detect-character-encoding is a package for detecting character encoding using ICU. In detect-character-encoding v0.3.0 and earlier, allocated memory is not released. The problem has been patched in detect-character-encoding v0.3.1.
CVE-2021-37046 1 Huawei 2 Emui, Magic Ui 2024-11-21 7.5 High
There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion.
CVE-2021-36993 1 Huawei 2 Emui, Magic Ui 2024-11-21 7.5 High
There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
CVE-2021-35078 1 Qualcomm 214 Aqt1000, Aqt1000 Firmware, Ar8035 and 211 more 2024-11-21 7.5 High
Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2021-34792 1 Cisco 18 Adaptive Security Appliance Software, Asa 5505, Asa 5505 Firmware and 15 more 2024-11-21 8.6 High
A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.