VYPR

CWE-772

Missing Release of Resource after Effective Lifetime

BaseDraftLikelihood: High

Description

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-469

CVEs mapped to this weakness (345)

page 1 of 18
  • CVE-2017-15032CriOct 5, 2017
    risk 0.64cvss 9.8epss 0.02

    ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

  • CVE-2017-14138CriSep 4, 2017
    risk 0.64cvss 9.8epss 0.02

    ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors.

  • CVE-2017-11641CriJul 26, 2017
    risk 0.64cvss 9.8epss 0.02

    GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.

  • CVE-2017-14495HigOct 3, 2017
    risk 0.58cvss 7.5epss 0.84

    Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

  • CVE-2017-13146HigAug 23, 2017
    risk 0.57cvss 8.8epss 0.01

    In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.

  • CVE-2017-12669HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.

  • CVE-2017-12668HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.

  • CVE-2017-12667HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.

  • CVE-2017-12666HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.02

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c.

  • CVE-2017-12665HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c.

  • CVE-2017-12664HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.

  • CVE-2017-12663HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.

  • CVE-2017-12662HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.02

    ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.

  • CVE-2017-12644HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.02

    ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.

  • CVE-2017-12642HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c.

  • CVE-2017-12641HigAug 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.

  • CVE-2017-11310HigJul 13, 2017
    risk 0.57cvss 8.8epss 0.01

    The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files.

  • CVE-2017-11170HigJul 11, 2017
    risk 0.57cvss 8.8epss 0.02

    The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file.

  • CVE-2026-20082HigMar 4, 2026
    risk 0.56cvss 8.6epss 0.00

    A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause incoming TCP SYN packets to be dropped incorrectly. This vulnerability is due to…

  • CVE-2018-0421HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP…