Vulnerabilities (CVE)

CWE filter

CWE-399

Filter

3563 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-8980 1 Linux 1 Linux Kernel 2019-02-21 7.8
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
CVE-2018-1333 1 Apache 1 Http Server 2019-02-19 5.0
By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33).
CVE-2019-7397 1 Imagemagick 1 Imagemagick 2019-02-18 5.0
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.
CVE-2018-15006 1 Zteusa 1 Zte Zmax Champ Firmware 2019-02-15 4.9
The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.android.zte.hiddenmenu (versionCode=23,...
CVE-2018-20659 1 Axiosys 1 Bento4 2019-02-14 4.3
An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation when called from AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp, as demonstrated by mp42hls.
CVE-2018-3658 1 Intel 1 Converged Security Management Engine Firmware 2019-02-14 5.0
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
CVE-2015-8104 5 Xen, Linux, Oracle and 2 more 6 Solaris, Vm Virtualbox, Xen and 3 more 2019-02-13 4.7
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
CVE-2015-7419 1 Ibm 1 Websphere Portal 2019-02-13 7.8
IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.
CVE-2019-0010 1 Juniper 1 Junos 2019-02-13 5.0
An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. Each...
CVE-2018-5739 1 Isc 1 Kea 2019-02-13 5.0
An extension to hooks capabilities which debuted in Kea 1.4.0 introduced a memory leak for operators who are using certain hooks library facilities. In order to support multiple requests simultaneously, Kea 1.4 added a callout handle store but...
CVE-2018-5736 2 Isc, Netapp 3 Bind, Cloud Backup, Data Ontap Edge 2019-02-13 3.5
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by...
CVE-2015-5307 5 Xen, Linux, Oracle and 2 more 5 Vm Virtualbox, Xen, Linux Kernel and 2 more 2019-02-12 4.9
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
CVE-2019-7732 1 Live555 1 Streaming Media 2019-02-12 5.0
In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed.
CVE-2018-1000852 2019-02-08 7.5
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP...
CVE-2018-14048 2 Libpng, Oracle 3 Libpng, Jdk, Jre 2019-02-08 4.3
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
CVE-2018-15458 1 Cisco 1 Firepower Management Center 2019-02-08 5.0
A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a...
CVE-2018-1000872 2019-02-07 4.3
OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients...
CVE-2019-7398 1 Imagemagick 1 Imagemagick 2019-02-07 5.0
In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.
CVE-2019-6486 1 Golang 1 Go 2019-02-07 7.8
Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.
CVE-2017-14223 1 Ffmpeg 1 Ffmpeg 2019-02-07 7.1
In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but does not contain...