CWE-401

Medium likelihood

Missing Release of Memory after Effective Lifetime

Parent: CWE-772 - Missing Release of Resource after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

1,757 vulnerabilities with CWE-401
CVE-2023-40534 HIGH
F5 BIG-IP - Denial of Service via HTTP/2 Profile and MRF Router Configuration
CVSS 7.5
CVE-2023-44821 MEDIUM
Gifsicle < 1.94 - Denial of Service via Memory Consumption
CVSS 5.5
CVE-2023-3576 MEDIUM
Libtiff's tiffcrop - Memory Corruption
CVSS 5.5
CVE-2023-3592 MEDIUM
Mosquitto <2.0.16 - Memory Corruption
CVSS 5.8
CVE-2023-20251 MEDIUM
Cisco Wireless LAN Controller - Memory Corruption
CVSS 6.1
CVE-2023-5170 HIGH
Firefox < 118.0 - Use-After-Free in Canvas Rendering
CVSS 7.4
CVE-2023-5156 HIGH
glibc 2.34-2.38 - Use-After-Free in getaddrinfo
CVSS 7.5
CVE-2023-41484 HIGH
Cimg Library <2.9.3 - Info Disclosure
CVSS 8.1
CVE-2023-28366 HIGH
Eclipse Mosquitto 1.3.2-2.0.15 - Memory Leak via QoS 2 Message Handling
CVSS 7.5
CVE-2023-4569 MEDIUM
Linux Kernel - Memory Leak in nft_set_catchall_flush
CVSS 5.5
CVE-2023-4513 MEDIUM
Wireshark 3.6.0-3.6.15 and 4.0.0-4.0.7 - Denial of Service via BT SDP Dissector Memory Leak
CVSS 5.3
CVE-2023-39978 LOW
ImageMagick < 6.9.12-91 - Denial of Service via Memory Consumption in Magick::Draw
CVSS 3.3
CVE-2023-32247 HIGH
Linux Kernel >=5.15 <5.15.145 - Denial of Service via SMB2_SESSION_SETUP Resource Consumption
CVSS 7.5
CVE-2023-25399 MEDIUM
scipy < 1.10.0 - Use-After-Free in Py_FindObjects
CVSS 5.5
CVE-2023-34451 HIGH
CometBFT < 0.34.29 - Use-After-Free in Mempool Transaction Tracking
CVSS 8.2
CVE-2023-34450 LOW
CometBFT 0.34.28 - Denial of Service via PeerState JSON Serialization Deadlock
CVSS 3.7
CVE-2023-2683 MEDIUM
EFR32 Bluetooth LE <5.1.1 - Memory Corruption
CVSS 5.3
CVE-2023-2602 LOW
libcap - Use-After-Free in pthread_create
CVSS 3.3
CVE-2023-33460 MEDIUM
yajl 2.1.0 - Memory Leak via yajl_tree_parse Function
CVSS 6.5
CVE-2023-33717 MEDIUM
mp4v2 <2.1.3 - Memory Corruption
CVSS 5.5
CVE-2023-33719 MEDIUM
mp4v2 v2.1.3 - Memory Leak in MP4SdpAtom::Read()
CVSS 5.5
CVE-2023-33716 MEDIUM
mp4v2 v2.1.3 - Memory Leak in MP4StringProperty
CVSS 5.5
CVE-2023-33718 HIGH
mp4v2 <2.1.3 - Memory Corruption
CVSS 8.8
CVE-2023-31517 HIGH
Teeworlds 0.7.5 - Denial of Service via Memory Leak in CConsole::Chain
CVSS 7.5
CVE-2023-2700 MEDIUM
libvirt - Use-After-Free in SR-IOV PCI Device Capability Query
CVSS 5.5
Details
Vulnerabilities 1,757
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits