Vulnerabilities (CVE)

Filtered by CWE-401
Total 994 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-1634 2025-06-30 N/A 7.5 HIGH
A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError.
CVE-2023-28366 1 Eclipse 1 Mosquitto 2025-06-26 N/A 7.5 HIGH
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.
CVE-2021-47296 1 Linux 1 Linux Kernel 2025-06-23 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak vcpu_put is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues.
CVE-2025-6498 2025-06-23 1.7 LOW 3.3 LOW
A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVE-2024-24267 1 Gpac 1 Gpac 2025-06-20 N/A 7.5 HIGH
gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function.
CVE-2023-4969 3 Amd, Imaginationtech, Khronos 261 Athlon 3000g, Athlon 3000g Firmware, Instinct Mi100 and 258 more 2025-06-20 N/A 6.5 MEDIUM
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVE-2024-26829 1 Linux 1 Linux Kernel 2025-06-19 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: media: ir_toy: fix a memleak in irtoy_tx When irtoy_command fails, buf should be freed since it is allocated by irtoy_tx, or there is a memleak.
CVE-2024-25450 1 Enlightenment 1 Imlib2 2025-06-16 N/A 8.8 HIGH
imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().
CVE-2025-29828 2025-06-12 N/A 8.1 HIGH
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.
CVE-2019-20386 5 Canonical, Fedoraproject, Netapp and 2 more 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more 2025-06-09 2.1 LOW 2.4 LOW
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
CVE-2024-24258 1 Artifex 1 Mupdf 2025-06-05 N/A 7.5 HIGH
freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.
CVE-2022-23091 1 Freebsd 1 Freebsd 2025-06-04 N/A 4.0 MEDIUM
A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel.
CVE-2024-22563 1 Openvswitch 1 Openvswitch 2025-06-02 N/A 7.5 HIGH
openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.
CVE-2025-5324 2025-05-30 1.7 LOW 3.3 LOW
A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0. Affected is the function sub_140001880 in the library GPU-Z.sys of the component 0x8000645C IOCTL Handler. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2022-38178 4 Debian, Fedoraproject, Isc and 1 more 4 Debian Linux, Fedora, Bind and 1 more 2025-05-28 N/A 7.5 HIGH
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
CVE-2022-38177 4 Debian, Fedoraproject, Isc and 1 more 4 Debian Linux, Fedora, Bind and 1 more 2025-05-28 N/A 7.5 HIGH
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
CVE-2022-2906 1 Isc 1 Bind 2025-05-28 N/A 7.5 HIGH
An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.
CVE-2022-35085 1 Swftools 1 Swftools 2025-05-27 N/A 5.5 MEDIUM
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.
CVE-2024-27508 1 Atheme 1 Atheme 2025-05-23 N/A 7.5 HIGH
Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchmark/main.c.
CVE-2024-26458 2 Mit, Netapp 12 Kerberos 5, Active Iq Unified Manager, Cloud Volumes Ontap Mediator and 9 more 2025-05-23 N/A 5.3 MEDIUM
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.