Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-772
Total 391 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1999043 1 Jenkins 1 Jenkins 2019-10-02 5.0 MEDIUM 7.5 HIGH
A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials.
CVE-2018-20002 3 F5, Gnu, Netapp 4 Traffix Signaling Delivery Controller, Binutils, Cluster Data Ontap and 1 more 2019-10-02 4.3 MEDIUM 5.5 MEDIUM
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.
CVE-2018-20407 1 Axiosys 1 Bento4 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42hls.
CVE-2018-20408 1 Axiosys 1 Bento4 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.cpp, as demonstrated by mp42hls.
CVE-2017-13066 1 Graphicsmagick 1 Graphicsmagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
CVE-2018-5179 1 Mozilla 1 Firefox 2019-10-02 5.0 MEDIUM 7.5 HIGH
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.
CVE-2018-5246 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
CVE-2018-5247 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
CVE-2018-5357 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
CVE-2018-5358 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.
CVE-2018-5527 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2019-10-02 7.8 HIGH 7.5 HIGH
On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory. As a result, system memory usage increases over time, which may eventually cause a decrease in performance or a system reboot due to memory exhaustion.
CVE-2018-5536 1 F5 1 Big-ip Access Policy Manager 2019-10-02 5.0 MEDIUM 7.5 HIGH
A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module.
CVE-2017-13062 1 Imagemagick 1 Imagemagick 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.
CVE-2018-6957 1 Vmware 3 Fusion, Workstation Player, Workstation Pro 2019-10-02 3.5 LOW 5.3 MEDIUM
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.
CVE-2018-7727 2 Redhat, Zziplib Project 4 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation and 1 more 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack.
CVE-2018-7757 1 Linux 1 Linux Kernel 2019-10-02 2.1 LOW 5.5 MEDIUM
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.
CVE-2018-7869 2 Debian, Libming 2 Debian Linux, Libming 2019-10-02 4.3 MEDIUM 7.5 HIGH
There is a memory leak triggered in the function dcinit of util/decompile.c in libming 0.4.8, which will lead to a denial of service attack.
CVE-2018-7994 1 Huawei 7 Ips Module, Ngfw Module, Nip6300 and 4 more 2019-10-02 7.8 HIGH 7.5 HIGH
Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.
CVE-2018-8087 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2019-10-02 4.9 MEDIUM 5.5 MEDIUM
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.
CVE-2018-9268 2 Debian, Wireshark 2 Debian Linux, Wireshark 2019-10-02 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak.