Total
822 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22341 | 1 Huawei | 14 Ips Module, Ips Module Firmware, Ngfw Module and 11 more | 2024-08-03 | 4.9 Medium |
| There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200. | ||||
| CVE-2021-22312 | 1 Huawei | 24 Ips6000e, Ips6000e Firmware, Ips Module and 21 more | 2024-08-03 | 6.5 Medium |
| There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500. | ||||
| CVE-2021-22173 | 3 Fedoraproject, Oracle, Wireshark | 3 Fedora, Zfs Storage Appliance, Wireshark | 2024-08-03 | 3.7 Low |
| Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2021-21723 | 1 Zte | 10 Zxr10 9904, Zxr10 9904-s, Zxr10 9904-s Firmware and 7 more | 2024-08-03 | 7.5 High |
| Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affects: ZXR10 9904, ZXR10 9908, ZXR10 9916, ZXR10 9904-S, ZXR10 9908-S; all versions up to V1.01.10.B12. | ||||
| CVE-2021-21724 | 1 Zte | 2 Zxr10 8900e, Zxr10 8900e Firmware | 2024-08-03 | 4.4 Medium |
| A ZTE product has a memory leak vulnerability. Due to the product's improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optical signal to cause memory leak and abnormal service. This affects: ZXR10 8900E, all versions up to V3.03.20R2B30P1. | ||||
| CVE-2021-20265 | 3 Linux, Oracle, Redhat | 5 Linux Kernel, Tekelec Platform Distribution, Enterprise Linux and 2 more | 2024-08-03 | 5.5 Medium |
| A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20234 | 1 Zeromq | 1 Libzmq | 2024-08-03 | 6.5 Medium |
| An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20237 | 1 Zeromq | 1 Libzmq | 2024-08-03 | 7.5 High |
| An uncontrolled resource consumption (memory leak) flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if the CURVE/ZAP authentication is disabled on the server, causing a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20216 | 1 Privoxy | 1 Privoxy | 2024-08-03 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20211 | 1 Privoxy | 1 Privoxy | 2024-08-03 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leak when client tags are active can cause a system crash. | ||||
| CVE-2021-20214 | 1 Privoxy | 1 Privoxy | 2024-08-03 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail can lead to a system crash. | ||||
| CVE-2021-20193 | 1 Gnu | 1 Tar | 2024-08-03 | 5.5 Medium |
| A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20108 | 1 Zohocorp | 1 Manageengine Assetexplorer | 2024-08-03 | 7.5 High |
| Manage Engine Asset Explorer Agent 1.0.34 listens on port 9000 for incoming commands over HTTPS from Manage Engine Server. The HTTPS certificates are not verified which allows any arbitrary user on the network to send commands over port 9000. While these commands may not be executed (due to authtoken validation), the Asset Explorer agent will reach out to the manage engine server for an HTTP request. During this process, AEAgent.cpp allocates 0x66 bytes using "malloc". This memory is never free-ed in the program, causing a memory leak. Additionally, the instruction sent to aeagent (ie: NEWSCAN, DELTASCAN, etc) is converted to a unicode string, but is never freed. These memory leaks allow a remote attacker to exploit a Denial of Service scenario through repetitively sending these commands to an agent and eventually crashing it the agent due to an out-of-memory condition. | ||||
| CVE-2021-20212 | 1 Privoxy | 1 Privoxy | 2024-08-03 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash. | ||||
| CVE-2021-20209 | 1 Privoxy | 1 Privoxy | 2024-08-03 | 7.5 High |
| A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured. | ||||
| CVE-2021-20210 | 1 Privoxy | 1 Privoxy | 2024-08-03 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash. | ||||
| CVE-2021-20215 | 1 Privoxy | 1 Privoxy | 2024-08-03 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the show-status CGI handler when memory allocations fail can lead to a system crash. | ||||
| CVE-2021-4213 | 3 Debian, Dogtagpki, Redhat | 4 Debian Linux, Network Security Services For Java, Certificate System and 1 more | 2024-08-03 | 7.5 High |
| A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service. | ||||
| CVE-2021-4135 | 1 Linux | 1 Linux Kernel | 2024-08-03 | 5.5 Medium |
| A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data. | ||||
| CVE-2021-4002 | 5 Debian, Fedoraproject, Linux and 2 more | 7 Debian Linux, Fedora, Linux Kernel and 4 more | 2024-08-03 | 4.4 Medium |
| A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data. | ||||