CWE-772
Missing Release of Resource after Effective Lifetime
BaseDraftLikelihood: High
Description
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-469
CVEs mapped to this weakness (223)
page 8 of 12| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-8355 | Med | 0.42 | 6.5 | 0.00 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8354 | Med | 0.42 | 6.5 | 0.01 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8353 | Med | 0.42 | 6.5 | 0.01 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8352 | Med | 0.42 | 6.5 | 0.01 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8351 | Med | 0.42 | 6.5 | 0.00 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8350 | Med | 0.42 | 6.5 | 0.00 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8349 | Med | 0.42 | 6.5 | 0.00 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8348 | Med | 0.42 | 6.5 | 0.01 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8347 | Med | 0.42 | 6.5 | 0.01 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8346 | Med | 0.42 | 6.5 | 0.01 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8345 | Med | 0.42 | 6.5 | 0.01 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8344 | Med | 0.42 | 6.5 | 0.01 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8343 | Med | 0.42 | 6.5 | 0.00 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-2312 | Med | 0.42 | 6.5 | 0.00 | Apr 24, 2017 | On Juniper Networks devices running Junos OS affected versions and with LDP enabled, a specific LDP packet destined to the RE (Routing Engine) will consume a small amount of the memory allocated for the rpd (routing protocol daemon) process. Over time, repeatedly receiving this type of LDP packet(s) will cause the memory to exhaust and the rpd process to crash and restart. It is not possible to free up the memory that has been consumed without restarting the rpd process. This issue affects Junos OS based devices with either IPv4 or IPv6 LDP enabled via the [protocols ldp] configuration (the native IPv6 support for LDP is available in Junos OS 16.1 and higher). The interface on which the packet arrives needs to have LDP enabled. The affected Junos versions are: 13.3 prior to 13.3R10; 14.1 prior to 14.1R8; 14.2 prior to 14.2R7-S6 or 14.2R8; 15.1 prior to 15.1F2-S14, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5; 15.1X49 before 15.1X49-D70; 15.1X53 before 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 before 16.1R2. 16.2R1 and all subsequent releases have a resolution for this vulnerability. | |
| CVE-2017-7943 | Med | 0.42 | 6.5 | 0.01 | Apr 18, 2017 | The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | |
| CVE-2017-7942 | Med | 0.42 | 6.5 | 0.00 | Apr 18, 2017 | The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | |
| CVE-2017-7941 | Med | 0.42 | 6.5 | 0.01 | Apr 18, 2017 | The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | |
| CVE-2015-8568 | Med | 0.42 | 6.5 | 0.00 | Apr 11, 2017 | Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. | |
| CVE-2017-6414 | Med | 0.42 | 6.5 | 0.00 | Mar 15, 2017 | Memory leak in the vcard_apdu_new function in card_7816.c in libcacard before 2.5.3 allows local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object. | |
| CVE-2017-6386 | Med | 0.42 | 6.5 | 0.00 | Mar 15, 2017 | Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_OBJECT_VERTEX_ELEMENTS commands. |