CWE-772— Missing Release of Resource after Effective Lifetime
308 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-772page 1 of 7
- CVE-1999-1127HIGHCVSS 7.5EG 7.51999-12-31
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Ove…
- CVE-2003-0132NONECVSS 0.0EG 9.02003-04-11
A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
- CVE-2007-0897HIGHCVSS 7.5EG 7.52007-02-16
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet head…
- CVE-2007-4103HIGHCVSS 7.5EG 7.52007-07-31
The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of s…
- CVE-2008-2122HIGHCVSS 7.5EG 7.52008-05-09
IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service (CPU consumption) via a port scan, which spawns multiple bfagent server processes that attempt to read data from closed sockets.
- CVE-2008-3799NONECVSS 0.0EG 0.02008-09-26
Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified…
- CVE-2009-2903NONECVSS 0.0EG 0.02009-09-15
Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of …
- CVE-2009-3519NONECVSS 0.0EG 0.02009-10-01
Multiple memory leaks in the IP module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_109, allow local users to cause a denial of service (memory consumption) via vectors related to (1) M_DATA, (2) M_PROTO, (3) M_PCP…
- CVE-2009-5039NONECVSS 0.0EG 0.02011-01-07
Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as …
- CVE-2010-4657HIGHCVSS 7.5EG 7.52019-11-13
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.
- CVE-2010-4683NONECVSS 0.0EG 0.02011-01-07
Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733.
- CVE-2011-1488MEDIUMCVSS 5.5EG 5.52019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing t…
- CVE-2011-1489MEDIUMCVSS 5.5EG 5.52019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cau…
- CVE-2011-1490MEDIUMCVSS 5.5EG 5.52019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could caus…
- CVE-2011-2498MEDIUMCVSS 5.5EG 5.52020-02-20
The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.
- CVE-2011-4661HIGHCVSS 7.5EG 7.52020-02-12
A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured.
- CVE-2013-6707NONECVSS 0.0EG 0.02013-12-07
Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to cause a denial of service (multi-protocol management outage) by making multiple managem…
- CVE-2017-0855HIGHCVSS 7.5EG 7.52018-01-12
In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional…
- CVE-2017-1000408HIGHCVSS 7.8EG 7.82018-02-01
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
- CVE-2017-12463HIGHCVSS 7.5EG 7.52018-02-07
Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) via vectors involving an envelope_s structure pointer when the packet forma…
- CVE-2017-12467HIGHCVSS 7.5EG 7.52018-02-07
Memory leak in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) by leveraging failure to allocate memory for the comp or complen structure member.
- CVE-2017-13196HIGHCVSS 7.5EG 7.52018-01-12
In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges nee…
- CVE-2017-13234MEDIUMCVSS 6.5EG 6.52018-02-12
In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. This could lead to remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitat…
- CVE-2017-15094MEDIUMCVSS 5.9EG 5.92018-01-23
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled b…
- CVE-2017-15132HIGHCVSS 7.5EG 7.52018-01-25
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login proce…
- CVE-2017-15314MEDIUMCVSS 5.5EG 5.52018-03-09
Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900,…
- CVE-2017-15315MEDIUMCVSS 6.5EG 6.52018-03-09
Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory …
- CVE-2017-15332MEDIUMCVSS 5.3EG 5.32018-02-15
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R00…
- CVE-2017-15349HIGHCVSS 7.5EG 7.52018-02-15
Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C0…
- CVE-2017-15824MEDIUMCVSS 5.5EG 5.52018-07-06
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash me…
- CVE-2017-15845HIGHCVSS 7.8EG 7.82018-01-10
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow d…
- CVE-2017-16232HIGHCVSS 7.5EG 7.52019-03-21
LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue
- CVE-2017-17141LOWCVSS 3.7EG 3.72018-03-05
Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V20…
- CVE-2017-17153HIGHCVSS 7.5EG 7.52018-02-15
IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001…
- CVE-2017-17162MEDIUMCVSS 5.5EG 5.52018-02-15
Huawei Secospace USG6600 V500R001C30SPC100, Secospace USG6600 V500R001C30SPC200, Secospace USG6600 V500R001C30SPC300, USG9500 V500R001C30SPC100, USG9500 V500R001C30SPC200, USG9500 V500R001C30SPC300 have a memory leak vulnerability due to m…
- CVE-2017-17164MEDIUMCVSS 5.3EG 5.32018-02-15
Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vulnerability due to memory don't be released when the system open some function. An attacker could exploit it to cause memory leak, which may further lead to system except…
- CVE-2017-17256HIGHCVSS 7.5EG 7.52018-04-24
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R00…
- CVE-2017-17257HIGHCVSS 7.5EG 7.52018-04-24
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R00…
- CVE-2017-17289LOWCVSS 3.3EG 3.32018-02-15
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability…
- CVE-2017-17291MEDIUMCVSS 5.5EG 5.52018-02-15
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R00…
- CVE-2017-17296MEDIUMCVSS 5.3EG 5.32018-02-15
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R00…
- CVE-2017-17302LOWCVSS 3.3EG 3.32018-02-15
Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. An authenti…
- CVE-2017-17329LOWCVSS 3.3EG 3.32018-03-09
Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cau…
- CVE-2017-17330LOWCVSS 3.3EG 3.32018-03-09
Huawei AR3200 V200R005C32; V200R006C10; V200R006C11; V200R007C00; V200R007C01; V200R007C02; V200R008C00; V200R008C10; V200R008C20; V200R008C30; NGFW Module V500R001C00; V500R001C20; V500R002C00 have a memory leak vulnerability. The softwar…
- CVE-2017-1786MEDIUMCVSS 5.3EG 5.32018-04-23
IBM WebSphere MQ 8.0 through 8.0.0.8 and 9.0 through 9.0.4 under special circumstances could allow an authenticated user to consume all resources due to a memory leak resulting in service loss. IBM X-Force ID: 136975.
- CVE-2017-18008MEDIUMCVSS 6.5EG 6.52018-01-01
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
- CVE-2017-18022MEDIUMCVSS 6.5EG 6.52018-01-05
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
- CVE-2017-18027MEDIUMCVSS 6.5EG 6.52018-01-12
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
- CVE-2017-18029MEDIUMCVSS 6.5EG 6.52018-01-12
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
- CVE-2017-18251MEDIUMCVSS 6.5EG 6.52018-03-27
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.
Map vulnerabilities like CWE-772 to your infrastructure
EchelonGraph correlates every CVE — across CWE-772 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →