Total
822 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41690 | 1 Offis | 1 Dcmtk | 2024-08-04 | 7.5 High |
| DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack. | ||||
| CVE-2021-41490 | 1 Rice | 1 Open Motion Planning Library | 2024-08-04 | 7.5 High |
| Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior. | ||||
| CVE-2021-41229 | 3 Bluez, Debian, Redhat | 3 Bluez, Debian Linux, Enterprise Linux | 2024-08-04 | 4.3 Medium |
| BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously sending sdp packets and this may cause the service of the target device to crash. | ||||
| CVE-2021-41145 | 1 Freeswitch | 1 Freeswitch | 2024-08-04 | 8.6 High |
| FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. FreeSWITCH prior to version 1.10.7 is susceptible to Denial of Service via SIP flooding. When flooding FreeSWITCH with SIP messages, it was observed that after a number of seconds the process was killed by the operating system due to memory exhaustion. By abusing this vulnerability, an attacker is able to crash any FreeSWITCH instance by flooding it with SIP messages, leading to Denial of Service. The attack does not require authentication and can be carried out over UDP, TCP or TLS. This issue was patched in version 1.10.7. | ||||
| CVE-2021-40633 | 1 Giflib Project | 1 Giflib | 2024-08-04 | 8.8 High |
| A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file. | ||||
| CVE-2021-40047 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-08-04 | 7.5 High |
| There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity. | ||||
| CVE-2021-39282 | 1 Live555 | 1 Live555 | 2024-08-04 | 7.5 High |
| Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files. | ||||
| CVE-2021-39176 | 1 Detect-character-encoding Project | 1 Detect-character-encoding | 2024-08-04 | 7.5 High |
| detect-character-encoding is a package for detecting character encoding using ICU. In detect-character-encoding v0.3.0 and earlier, allocated memory is not released. The problem has been patched in detect-character-encoding v0.3.1. | ||||
| CVE-2021-37205 | 1 Siemens | 95 Simatic Drive Controller Cpu 1504d Tf, Simatic Drive Controller Cpu 1504d Tf Firmware, Simatic Drive Controller Cpu 1507d Tf and 92 more | 2024-08-04 | 7.5 High |
| A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. | ||||
| CVE-2021-37046 | 1 Huawei | 2 Emui, Magic Ui | 2024-08-04 | 7.5 High |
| There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion. | ||||
| CVE-2021-36993 | 1 Huawei | 2 Emui, Magic Ui | 2024-08-04 | 7.5 High |
| There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. | ||||
| CVE-2021-35078 | 1 Qualcomm | 214 Aqt1000, Aqt1000 Firmware, Ar8035 and 211 more | 2024-08-04 | 7.5 High |
| Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | ||||
| CVE-2021-34431 | 1 Eclipse | 1 Mosquitto | 2024-08-04 | 6.5 Medium |
| In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker. | ||||
| CVE-2021-34389 | 1 Nvidia | 9 Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb, Jetson Agx Xavier 8gb and 6 more | 2024-08-04 | 5 Medium |
| Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure. | ||||
| CVE-2021-33646 | 4 Fedoraproject, Feep, Huawei and 1 more | 4 Fedora, Libtar, Openeuler and 1 more | 2024-08-03 | 7.5 High |
| The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak. | ||||
| CVE-2021-33645 | 4 Fedoraproject, Feep, Huawei and 1 more | 4 Fedora, Libtar, Openeuler and 1 more | 2024-08-03 | 7.5 High |
| The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak. | ||||
| CVE-2021-33364 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33366 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33363 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33365 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||