Total
391 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-1999043 | 1 Jenkins | 1 Jenkins | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials. | |||||
CVE-2018-20002 | 3 F5, Gnu, Netapp | 4 Traffix Signaling Delivery Controller, Binutils, Cluster Data Ontap and 1 more | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm. | |||||
CVE-2018-20407 | 1 Axiosys | 1 Bento4 | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42hls. | |||||
CVE-2018-20408 | 1 Axiosys | 1 Bento4 | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.cpp, as demonstrated by mp42hls. | |||||
CVE-2017-13066 | 1 Graphicsmagick | 1 Graphicsmagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. | |||||
CVE-2018-5179 | 1 Mozilla | 1 Firefox | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60. | |||||
CVE-2018-5246 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c. | |||||
CVE-2018-5247 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. | |||||
CVE-2018-5357 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c. | |||||
CVE-2018-5358 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c. | |||||
CVE-2018-5527 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory. As a result, system memory usage increases over time, which may eventually cause a decrease in performance or a system reboot due to memory exhaustion. | |||||
CVE-2018-5536 | 1 F5 | 1 Big-ip Access Policy Manager | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module. | |||||
CVE-2017-13062 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file. | |||||
CVE-2018-6957 | 1 Vmware | 3 Fusion, Workstation Player, Workstation Pro | 2019-10-02 | 3.5 LOW | 5.3 MEDIUM |
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled. | |||||
CVE-2018-7727 | 2 Redhat, Zziplib Project | 4 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation and 1 more | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack. | |||||
CVE-2018-7757 | 1 Linux | 1 Linux Kernel | 2019-10-02 | 2.1 LOW | 5.5 MEDIUM |
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file. | |||||
CVE-2018-7869 | 2 Debian, Libming | 2 Debian Linux, Libming | 2019-10-02 | 4.3 MEDIUM | 7.5 HIGH |
There is a memory leak triggered in the function dcinit of util/decompile.c in libming 0.4.8, which will lead to a denial of service attack. | |||||
CVE-2018-7994 | 1 Huawei | 7 Ips Module, Ngfw Module, Nip6300 and 4 more | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory. | |||||
CVE-2018-8087 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-10-02 | 4.9 MEDIUM | 5.5 MEDIUM |
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case. | |||||
CVE-2018-9268 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak. |