Total
994 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-1634 | 2025-06-30 | N/A | 7.5 HIGH | ||
| A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError. | |||||
| CVE-2023-28366 | 1 Eclipse | 1 Mosquitto | 2025-06-26 | N/A | 7.5 HIGH |
| The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function. | |||||
| CVE-2021-47296 | 1 Linux | 1 Linux Kernel | 2025-06-23 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak vcpu_put is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues. | |||||
| CVE-2025-6498 | 2025-06-23 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-24267 | 1 Gpac | 1 Gpac | 2025-06-20 | N/A | 7.5 HIGH |
| gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function. | |||||
| CVE-2023-4969 | 3 Amd, Imaginationtech, Khronos | 261 Athlon 3000g, Athlon 3000g Firmware, Instinct Mi100 and 258 more | 2025-06-20 | N/A | 6.5 MEDIUM |
| A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures. | |||||
| CVE-2024-26829 | 1 Linux | 1 Linux Kernel | 2025-06-19 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: media: ir_toy: fix a memleak in irtoy_tx When irtoy_command fails, buf should be freed since it is allocated by irtoy_tx, or there is a memleak. | |||||
| CVE-2024-25450 | 1 Enlightenment | 1 Imlib2 | 2025-06-16 | N/A | 8.8 HIGH |
| imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts(). | |||||
| CVE-2025-29828 | 2025-06-12 | N/A | 8.1 HIGH | ||
| Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2019-20386 | 5 Canonical, Fedoraproject, Netapp and 2 more | 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more | 2025-06-09 | 2.1 LOW | 2.4 LOW |
| An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur. | |||||
| CVE-2024-24258 | 1 Artifex | 1 Mupdf | 2025-06-05 | N/A | 7.5 HIGH |
| freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function. | |||||
| CVE-2022-23091 | 1 Freebsd | 1 Freebsd | 2025-06-04 | N/A | 4.0 MEDIUM |
| A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel. | |||||
| CVE-2024-22563 | 1 Openvswitch | 1 Openvswitch | 2025-06-02 | N/A | 7.5 HIGH |
| openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c. | |||||
| CVE-2025-5324 | 2025-05-30 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0. Affected is the function sub_140001880 in the library GPU-Z.sys of the component 0x8000645C IOCTL Handler. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2022-38178 | 4 Debian, Fedoraproject, Isc and 1 more | 4 Debian Linux, Fedora, Bind and 1 more | 2025-05-28 | N/A | 7.5 HIGH |
| By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. | |||||
| CVE-2022-38177 | 4 Debian, Fedoraproject, Isc and 1 more | 4 Debian Linux, Fedora, Bind and 1 more | 2025-05-28 | N/A | 7.5 HIGH |
| By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. | |||||
| CVE-2022-2906 | 1 Isc | 1 Bind | 2025-05-28 | N/A | 7.5 HIGH |
| An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service. | |||||
| CVE-2022-35085 | 1 Swftools | 1 Swftools | 2025-05-27 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c. | |||||
| CVE-2024-27508 | 1 Atheme | 1 Atheme | 2025-05-23 | N/A | 7.5 HIGH |
| Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchmark/main.c. | |||||
| CVE-2024-26458 | 2 Mit, Netapp | 12 Kerberos 5, Active Iq Unified Manager, Cloud Volumes Ontap Mediator and 9 more | 2025-05-23 | N/A | 5.3 MEDIUM |
| Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. | |||||