CWE-404— Improper Resource Shutdown or Release
684 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-404page 1 of 14
- CVE-2010-10001MEDIUMCVSS 5.3EG 5.52022-03-28
A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta 4. This affects the component NZB Date Parser. The manipulation of the argument date with the input 1000000000000000 as part of a NZB File le…
- CVE-2010-4038HIGHCVSS 7.5EG 7.52010-10-21
The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a shutdown action, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
- CVE-2013-1054MEDIUMCVSS 4.3EG 6.52021-04-07
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20…
- CVE-2013-1055MEDIUMCVSS 4.3EG 4.32021-04-07
The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it wit…
- CVE-2013-4133HIGHCVSS 7.5EG 7.52019-12-10
kde-workspace before 4.10.5 has a memory leak in plasma desktop
- CVE-2014-125066MEDIUMCVSS 4.3EG 7.52023-01-08
A vulnerability was found in emmflo yuko-bot. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument title leads to denial of service. The attack can be initiated remotely. The name o…
- CVE-2015-10002MEDIUMCVSS 5.3EG 5.52022-03-28
A vulnerability classified as problematic has been found in Kiddoware Kids Place. This affects the Home Button Protection. A repeated pressing of the button causes a local denial of service. It is recommended to upgrade the affected compon…
- CVE-2015-10025LOWCVSS 3.5EG 7.52023-01-07
A vulnerability has been found in luelista miniConf up to 1.7.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file miniConf/MessageView.cs of the component URL Scanning. The manipulation l…
- CVE-2015-10085LOWCVSS 3.5EG 3.52023-02-21
A vulnerability was found in GoPistolet. It has been declared as problematic. This vulnerability affects unknown code of the component MTA. The manipulation leads to denial of service. Continious delivery with rolling releases is used by t…
- CVE-2016-15024LOWCVSS 2.5EG 5.52023-02-19
A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather h…
- CVE-2017-1000411HIGHCVSS 7.5EG 7.52018-01-31
OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, Boron, Robert Varga, Anil Vishnoi contain a flaw when multiple 'expired' flows take up the memory resource of CONFIG DATASTORE which leads to CONTROLLER shutdown. If mu…
- CVE-2017-18898MEDIUMCVSS 5.3EG 5.32020-06-19
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows crafted posts that potentially cause a web browser to hang.
- CVE-2017-20011LOWCVSS 2.8EG 5.52022-03-28
A vulnerability was found in WEKA INTEREST Security Scanner 1.8. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Handler. The manipulation with an unknown input leads to denial of service.…
- CVE-2017-20012LOWCVSS 2.8EG 5.52022-03-28
A vulnerability classified as problematic has been found in WEKA INTEREST Security Scanner up to 1.8. Affected is Stresstest Scheme Handler which leads to a denial of service. The attack needs to be approached locally. The exploit has been…
- CVE-2017-20013LOWCVSS 2.8EG 5.52022-03-28
A vulnerability classified as problematic was found in WEKA INTEREST Security Scanner up to 1.8. Affected by this vulnerability is the Stresstest Configuration Handler. A manipulation leads to a local denial of service. The exploit has bee…
- CVE-2017-20014LOWCVSS 2.8EG 5.52022-03-28
A vulnerability, which was classified as problematic, has been found in WEKA INTEREST Security Scanner up to 1.8. Affected by this issue is some unknown functionality of the component Webspider. The manipulation with an unknown input leads…
- CVE-2017-20015LOWCVSS 2.8EG 5.52022-03-28
A vulnerability, which was classified as problematic, was found in WEKA INTEREST Security Scanner up to 1.8. This affects an unknown part of the component LAN Viewer. The manipulation with an unknown input leads to denial of service. Attac…
- CVE-2017-20024MEDIUMCVSS 5.3EG 7.52022-06-09
A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. It is possible to launch the attack remotely. Upgrading t…
- CVE-2017-20154LOWCVSS 3.5EG 7.52022-12-30
A vulnerability was found in ghostlander Phoenixcoin. It has been classified as problematic. Affected is the function CTxMemPool::accept of the file src/main.cpp. The manipulation leads to denial of service. Upgrading to version 0.6.6.1-px…
- CVE-2017-20186LOWCVSS 3.5EG 3.52023-08-28
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/mi…
- CVE-2017-6627HIGHCVSS 7.5EG 9.0⚠ KEV2017-09-07
A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interf…
- CVE-2018-1000808MEDIUMCVSS 5.9EG 5.92018-10-08
Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low or is ex…
- CVE-2018-11055MEDIUMCVSS 5.5EG 5.52018-08-31
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability. Decoded PKCS #12 data in heap memory is not …
- CVE-2018-19591HIGHCVSS 7.5EG 7.52018-12-04
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
- CVE-2018-25021HIGHCVSS 7.5EG 7.52021-12-13
The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system's memory, causing a denial of service (DoS).
- CVE-2018-25062LOWCVSS 3.5EG 7.52023-01-01
A vulnerability classified as problematic has been found in flar2 ElementalX up to 6.x on Nexus 9. Affected is the function xfrm_dump_policy_done of the file net/xfrm/xfrm_user.c of the component ipsec. The manipulation leads to denial of …
- CVE-2018-25087LOWCVSS 3.5EG 3.52023-06-06
A vulnerability classified as problematic was found in Arborator Server. This vulnerability affects the function start of the file project.cgi. The manipulation of the argument project leads to denial of service. Continious delivery with r…
- CVE-2018-25098MEDIUMCVSS 4.3EG 4.32024-02-04
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in blockmason credit-protocol. It has been declared as problematic. Affected by this vulnerability is the function executeUcacTx of the file contracts/CreditProtocol.sol of the comp…
- CVE-2018-6592HIGHCVSS 7.8EG 7.82018-02-19
Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth-enabled devices by leveraging improper cleanup of memory used for negotiation key storage.
- CVE-2018-8120HIGHCVSS 7.0EG 9.0⚠ KEV2018-05-09
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server …
- CVE-2018-8124HIGHCVSS 7.0EG 7.02018-05-09
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8…
- CVE-2018-8164HIGHCVSS 7.8EG 7.82018-05-09
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8…
- CVE-2018-8165HIGHCVSS 7.8EG 7.82018-05-09
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Wi…
- CVE-2018-8166HIGHCVSS 7.0EG 7.02018-05-09
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8…
- CVE-2018-8167HIGHCVSS 7.0EG 7.02018-05-09
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability." This affects Windo…
- CVE-2018-8169HIGHCVSS 7.0EG 7.02018-06-14
An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2…
- CVE-2018-8170HIGHCVSS 7.0EG 7.02018-05-09
An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.
- CVE-2018-8210HIGHCVSS 7.8EG 7.82018-06-14
A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 201…
- CVE-2018-8213HIGHCVSS 7.8EG 7.82018-06-14
A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from…
- CVE-2018-8224HIGHCVSS 7.0EG 7.02018-06-14
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 …
- CVE-2018-8233HIGHCVSS 7.8EG 7.82018-06-14
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.
- CVE-2018-8282HIGHCVSS 7.8EG 7.82018-07-11
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Wi…
- CVE-2018-8308MEDIUMCVSS 6.6EG 6.62018-07-11
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, W…
- CVE-2018-8329HIGHCVSS 7.8EG 7.82018-10-10
An Elevation of Privilege vulnerability exists in Windows Subsystem for Linux when it fails to properly handle objects in memory, aka "Linux On Windows Elevation Of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.
- CVE-2018-8333HIGHCVSS 7.0EG 7.02018-10-10
An Elevation of Privilege vulnerability exists in Filter Manager when it improperly handles objects in memory, aka "Microsoft Filter Manager Elevation Of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT …
- CVE-2018-8399HIGHCVSS 7.0EG 7.02018-08-15
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is …
- CVE-2018-8400HIGHCVSS 7.8EG 7.82018-08-15
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Win…
- CVE-2018-8401HIGHCVSS 7.8EG 7.82018-08-15
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Wi…
- CVE-2018-8404HIGHCVSS 7.0EG 7.02018-08-15
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows Serv…
- CVE-2018-8405HIGHCVSS 7.8EG 9.0⚠ KEV2018-08-15
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2,…
Map vulnerabilities like CWE-404 to your infrastructure
EchelonGraph correlates every CVE — across CWE-404 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →