Total
822 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-35679 | 2 Fedoraproject, Opensmtpd | 2 Fedora, Opensmtpd | 2024-08-04 | 7.5 High |
| smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups. | ||||
| CVE-2020-35502 | 1 Privoxy | 1 Privoxy | 2024-08-04 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash. | ||||
| CVE-2020-29485 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-08-04 | 5.5 Medium |
| An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XS_RESET_WATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are vulnerable. Systems using the C Xenstored implementation are not vulnerable. | ||||
| CVE-2020-29260 | 2 Debian, Libvncserver Project | 2 Debian Linux, Libvncserver | 2024-08-04 | 7.5 High |
| libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup(). | ||||
| CVE-2020-28723 | 1 Cloudavid | 1 Pparam | 2024-08-04 | 7.5 High |
| Memory leak in IPv6Param::setAddress in CloudAvid PParam 1.3.1. | ||||
| CVE-2020-27822 | 1 Redhat | 5 Jboss Enterprise Application Platform, Jbosseapxp, Openshift Application Runtimes and 2 more | 2024-08-04 | 5.9 Medium |
| A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2020-27753 | 1 Imagemagick | 1 Imagemagick | 2024-08-04 | 5.5 Medium |
| There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported that the issues were in `AcquireMagickMemory()` because that is where LeakSanitizer detected the leaks, but the patch resolves issues in the MIFF coder, which incorrectly handles data being passed to `AcquireMagickMemory()`. This flaw affects ImageMagick versions prior to 7.0.9-0. | ||||
| CVE-2020-27725 | 1 F5 | 3 Big-ip Domain Name System, Big-ip Global Traffic Manager, Big-ip Link Controller | 2024-08-04 | 4.3 Medium |
| In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this vulnerability. | ||||
| CVE-2020-27713 | 1 F5 | 1 Big-ip Advanced Firewall Manager | 2024-08-04 | 7.5 High |
| In certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory. | ||||
| CVE-2020-27755 | 1 Imagemagick | 1 Imagemagick | 2024-08-04 | 3.3 Low |
| in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. The memory leak can be triggered by a crafted input file that is processed by ImageMagick and could cause an impact to application reliability, such as denial of service. This flaw affects ImageMagick versions prior to 7.0.9-0. | ||||
| CVE-2020-27174 | 1 Amazon | 1 Firecracker | 2024-08-04 | 7.5 High |
| In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host. | ||||
| CVE-2020-27038 | 1 Google | 1 Android | 2024-08-04 | 6.5 Medium |
| In process of C2SoftVorbisDec.cpp, there is a possible resource exhaustion due to a memory leak. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154302257 | ||||
| CVE-2020-26420 | 3 Fedoraproject, Oracle, Wireshark | 3 Fedora, Zfs Storage Appliance Kit, Wireshark | 2024-08-04 | 3.1 Low |
| Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. | ||||
| CVE-2020-26418 | 4 Debian, Fedoraproject, Oracle and 1 more | 4 Debian Linux, Fedora, Zfs Storage Appliance Kit and 1 more | 2024-08-04 | 3.1 Low |
| Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. | ||||
| CVE-2020-26419 | 3 Fedoraproject, Oracle, Wireshark | 3 Fedora, Zfs Storage Appliance Kit, Wireshark | 2024-08-04 | 3.1 Low |
| Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file. | ||||
| CVE-2020-25795 | 1 Sized-chunks Project | 1 Sized-chunks | 2024-08-04 | 7.5 High |
| An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, insert_from can have a memory-safety issue upon a panic. | ||||
| CVE-2020-25794 | 1 Sized-chunks Project | 1 Sized-chunks | 2024-08-04 | 7.5 High |
| An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, clone can have a memory-safety issue upon a panic. | ||||
| CVE-2020-25689 | 2 Netapp, Redhat | 11 Active Iq Unified Manager, Oncommand Insight, Service Level Manager and 8 more | 2024-08-04 | 5.3 Medium |
| A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2020-25704 | 4 Debian, Linux, Redhat and 1 more | 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more | 2024-08-04 | 5.5 Medium |
| A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service. | ||||
| CVE-2020-25644 | 2 Netapp, Redhat | 11 Oncommand Insight, Oncommand Workflow Automation, Service Level Manager and 8 more | 2024-08-04 | 7.5 High |
| A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability. | ||||