VYPR

CWE-404

Improper Resource Shutdown or Release

ClassDraftLikelihood: Medium

Description

The product does not release or incorrectly releases a resource before it is made available for re-use.

When a resource is created or allocated, the developer is responsible for properly releasing the resource as well as accounting for all potential paths of expiration or invalidation, such as a set period of time or revocation.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-125 · CAPEC-130 · CAPEC-131 · CAPEC-494 · CAPEC-495 · CAPEC-496 · CAPEC-666

CVEs mapped to this weakness (306)

page 1 of 16
  • CVE-2018-8120HigKEVMay 9, 2018
    risk 0.72cvss 7.0epss 0.74

    An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from…

  • CVE-2018-8406HigKEVAug 15, 2018
    risk 0.69cvss 7.8epss 0.03

    An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE…

  • CVE-2018-8405HigKEVAug 15, 2018
    risk 0.69cvss 7.8epss 0.03

    An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016,…

  • CVE-2017-6627HigKEVSep 7, 2017
    risk 0.61cvss 7.5epss 0.06

    A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service…

  • CVE-2026-11317HigJun 16, 2026
    risk 0.57cvss epss 0.00

    A denial of service security issue exists in the affected product. The security issue stems from a fault occurring when a crafted CIP message is sent. Devices with less memory are more likely to be affected. This can result in a major nonrecoverable fault (MNRF). A program…

  • CVE-2017-1145HigMar 20, 2017
    risk 0.56cvss 8.6epss 0.02

    IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672.

  • CVE-2026-45174HigJun 11, 2026
    risk 0.55cvss epss 0.00

    Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19

  • CVE-2018-8410HigSep 13, 2018
    risk 0.54cvss 7.8epss 0.04

    An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka "Windows Registry Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows…

  • CVE-2018-8210HigJun 14, 2018
    risk 0.53cvss 7.8epss 0.25

    A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10…

  • CVE-2018-8497HigOct 10, 2018
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

  • CVE-2018-8484HigOct 10, 2018
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,…

  • CVE-2018-8329HigOct 10, 2018
    risk 0.51cvss 7.8epss 0.01

    An Elevation of Privilege vulnerability exists in Windows Subsystem for Linux when it fails to properly handle objects in memory, aka "Linux On Windows Elevation Of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

  • CVE-2018-8462HigSep 13, 2018
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

  • CVE-2018-8455HigSep 13, 2018
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10…

  • CVE-2018-8401HigAug 15, 2018
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE…

  • CVE-2018-8400HigAug 15, 2018
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from…

  • CVE-2018-8282HigJul 11, 2018
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008,…

  • CVE-2018-8233HigJun 14, 2018
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

  • CVE-2018-8213HigJun 14, 2018
    risk 0.51cvss 7.8epss 0.08

    A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8210.

  • CVE-2018-8165HigMay 9, 2018
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.