VYPR

CWE-404

Improper Resource Shutdown or Release

ClassDraftLikelihood: Medium

Description

The product does not release or incorrectly releases a resource before it is made available for re-use.

When a resource is created or allocated, the developer is responsible for properly releasing the resource as well as accounting for all potential paths of expiration or invalidation, such as a set period of time or revocation.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-125 · CAPEC-130 · CAPEC-131 · CAPEC-494 · CAPEC-495 · CAPEC-496 · CAPEC-666

CVEs mapped to this weakness (306)

page 12 of 16
  • CVE-2025-11000LowSep 26, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in Open Babel up to 3.1.1. This affects the function PQSFormat::ReadMolecule of the file /src/formats/PQSformat.cpp. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been publicly…

  • CVE-2025-10999LowSep 26, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in Open Babel up to 3.1.1. The impacted element is the function CacaoFormat::SetHilderbrandt of the file /src/formats/cacaoformat.cpp. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has…

  • CVE-2025-10998LowSep 26, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in Open Babel up to 3.1.1. The affected element is the function ChemKinFormat::ReadReactionQualifierLines of the file /src/formats/chemkinformat.cpp. The manipulation leads to null pointer dereference. The attack can only be performed from a local…

  • CVE-2025-10823LowSep 23, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in axboe fio up to 3.41. This affects the function str_buffer_pattern_cb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could…

  • CVE-2025-9649LowAug 29, 2025
    risk 0.21cvss 3.3epss 0.00

    A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used.…

  • CVE-2025-9396LowAug 24, 2025
    risk 0.21cvss 3.3epss 0.00

    A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function __GI_____strtol_l_internal of the file strtol_l.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been…

  • CVE-2025-9384LowAug 24, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may…

  • CVE-2025-8844LowAug 11, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the…

  • CVE-2025-8835LowAug 11, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible…

  • CVE-2025-8735LowAug 8, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has…

  • CVE-2025-8586LowAug 5, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability, which was classified as problematic, was found in libav up to 12.3. This affects the function ff_seek_frame_binary of the file /libavformat/utils.c of the component MPEG File Parser. The manipulation leads to null pointer dereference. It is possible to launch…

  • CVE-2025-8584LowAug 5, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability classified as problematic was found in libav up to 12.3. Affected by this vulnerability is the function av_buffer_unref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation leads to null pointer dereference. Local access is required…

  • CVE-2025-8225LowJul 27, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The…

  • CVE-2025-8224LowJul 27, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to…

  • CVE-2025-7209LowJul 9, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in 9fans plan9port up to 9da5b44 and classified as problematic. Affected by this vulnerability is the function value_decode in the library src/libsec/port/x509.c. The manipulation leads to null pointer dereference. Local access is required to…

  • CVE-2025-7068LowJul 4, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and…

  • CVE-2025-6858LowJun 29, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been…

  • CVE-2025-6817LowJun 28, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5C__load_entry of the file /src/H5Centry.c. The manipulation leads to resource consumption. The attack needs to be approached locally. The exploit has been…

  • CVE-2025-6498LowJun 23, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the…

  • CVE-2025-6496LowJun 23, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack.…