Total
990 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46944 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix memory leak in imu_fmt We are losing the reference to an allocated memory if try. Change the order of the check to avoid that. | |||||
| CVE-2021-46924 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in the error handling path and remove path, this cause memory leak as follows: unreferenced object 0xffff88800bc06800 (size 512): comm "8", pid 11775, jiffies 4295159829 (age 9.032s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000d66c09ce>] __kmalloc_node_track_caller+0x1ed/0x450 [<00000000c93382b3>] kmalloc_reserve+0x37/0xd0 [<000000005fea522c>] __alloc_skb+0x124/0x380 [<0000000019f29f9a>] st21nfca_hci_i2c_probe+0x170/0x8f2 Fix it by freeing 'pending_skb' in error and remove. | |||||
| CVE-2021-46481 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a memory leak via linenoise at src/linenoise.c. | |||||
| CVE-2021-46082 | 1 Moxa | 12 Mgate 5101-pbm-mn, Mgate 5101-pbm-mn-t, Mgate 5101-pbm-mn-t Firmware and 9 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets. | |||||
| CVE-2021-45481 | 1 Webkitgtk | 1 Webkitgtk | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. | |||||
| CVE-2021-45480 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 4.7 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances. | |||||
| CVE-2021-45346 | 2 Netapp, Sqlite | 2 Ontap Select Deploy Administration Utility, Sqlite | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect. | |||||
| CVE-2021-44961 | 1 Slic3r | 1 Libslic3r | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. Specially crafted stl files can exhaust available memory. An attacker can provide malicious files to trigger this vulnerability. | |||||
| CVE-2021-44542 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A memory leak vulnerability was found in Privoxy when handling errors. | |||||
| CVE-2021-44541 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freeing header memory when failing to get the request destination. | |||||
| CVE-2021-44540 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing. | |||||
| CVE-2021-42523 | 1 Colord Project | 1 Colord | 2024-11-21 | N/A | 7.5 HIGH |
| There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use, while libxml2 emphasizes that the caller needs to release it. | |||||
| CVE-2021-42522 | 1 Gnome | 1 Anjuta | 2024-11-21 | N/A | 7.5 HIGH |
| There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. This issue was caused by the incorrect use of libxml2 API. The vendor forgot to call 'g_free()' to release the return value of 'xmlGetProp()'. | |||||
| CVE-2021-42218 | 1 Rice | 1 Open Motion Planning Library | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| OMPL v1.5.2 contains a memory leak in VFRRT.cpp | |||||
| CVE-2021-42197 | 1 Swftools | 1 Swftools | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used. It allows an attacker to cause code execution. | |||||
| CVE-2021-41959 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak. | |||||
| CVE-2021-41690 | 1 Offis | 1 Dcmtk | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack. | |||||
| CVE-2021-41687 | 1 Offis | 1 Dcmtk | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack. | |||||
| CVE-2021-41490 | 1 Rice | 1 Open Motion Planning Library | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior. | |||||
| CVE-2021-41229 | 2 Bluez, Debian | 2 Bluez, Debian Linux | 2024-11-21 | 3.3 LOW | 4.3 MEDIUM |
| BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously sending sdp packets and this may cause the service of the target device to crash. | |||||