CWE-401

Medium likelihood

Missing Release of Memory after Effective Lifetime

Parent: CWE-772 - Missing Release of Resource after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

1,759 vulnerabilities with CWE-401
CVE-2020-25704 MEDIUM
Linux Kernel < 5.9 - Use-After-Free in Performance Monitoring Subsystem
CVSS 5.5
CVE-2020-28723 HIGH
CloudAvid PParam 1.3.1 - Memory Leak in IPv6Param::setAddress
CVSS 7.5
CVE-2020-25689 MEDIUM
WildFly < 21.0.0 - Denial of Service via Host-Controller Reconnection Loop
CVSS 5.3
CVE-2020-3572 HIGH
Cisco ASA <9.6 & FTD <6.3.0.6 - DoS via SSL/TLS Memory Leak
CVSS 8.6
CVE-2020-3373 HIGH
Cisco ASA & FTD DoS via IP Fragment Reassembly Memory Leak
CVSS 8.6
CVE-2020-3995 MEDIUM
VMware ESXi - Memory Leak via VMCI Host Drivers
CVSS 5.3
CVE-2020-16949 MEDIUM
Microsoft Outlook - Denial of Service via Specially Crafted Email
CVSS 4.7
CVE-2020-1683 HIGH
Juniper Junos OS Use-After-Free via SNMP OID Poll
CVSS 7.5
CVE-2020-1678 MEDIUM
Juniper Junos OS and Junos OS Evolved - Memory Leak via EVPN BGP Packet Processing
CVSS 6.5
CVE-2020-15254 HIGH
crossbeam-channel < 0.4.4 - Use-After-Free via Bounded Channel Destructor
CVSS 8.1
CVE-2020-27174 HIGH
Amazon AWS Firecracker <0.21.3-0.22.1 - Memory Corruption
CVSS 7.5
CVE-2020-11637 MEDIUM
B&R Automation Runtime <4.10 - Unauthenticated Denial of Service via TFTP Service Memory Leak
CVSS 5.8
CVE-2020-3543 MEDIUM
Cisco Video Surveillance 8000 Series IP Cameras - Denial of Service via Cisco Discovery Protocol Memory Leak
CVSS 6.5
CVE-2020-25644 HIGH
WildFly OpenSSL < 1.1.3 - Memory Leak Denial of Service via HTTP Session Removal
CVSS 7.5
CVE-2020-25795 HIGH
sized-chunks < 0.6.2 - Use-After-Free in Chunk Insertion
CVSS 7.5
CVE-2020-25794 HIGH
sized-chunks < 0.6.2 - Use-After-Free in Chunk Clone Operation
CVSS 7.5
CVE-2020-3505 MEDIUM
Cisco Video Surveillance 8000 Series IP Cameras - Denial of Service via Cisco Discovery Protocol Memory Leak
CVSS 6.5
CVE-2020-5924 MEDIUM
BIG-IP APM <12.1.5.1-11.6.5.2 - Memory Corruption
CVSS 5.3
CVE-2020-9104 MEDIUM
HUAWEI P30 Firmware < 10.1.0.123(C431E22R2P5) - Denial of Service via Memory Leak
CVSS 4.3
CVE-2020-9697 MEDIUM
Adobe Acrobat and Reader DC < 2020.009.20074 - Memory Leak via Sensitive Data Disclosure
CVSS 5.5
CVE-2020-8229 MEDIUM
Nextcloud Desktop Client 2.6.4 - Memory Corruption
CVSS 5.5
CVE-2020-11937 MEDIUM
whoopsie - Denial of Service via Memory Leak in parse_report
CVSS 5.5
CVE-2020-9249 MEDIUM
HUAWEI P30 Firmware < 10.1.0.160(C00E160R2P11) - Denial of Service via Memory Leak
CVSS 6.5
CVE-2020-4375 HIGH
IBM MQ Appliance 8.0-8.0.0.14, 9.1.0.0-9.1.0.5, 9.1.0.0-9.1.9.9 - Denial of Service via Dynamic Queue Creation
CVSS 7.5
CVE-2020-15806 HIGH
CODESYS Control Runtime System < 3.5.16.10 - Uncontrolled Memory Allocation
CVSS 7.5
Details
Vulnerabilities 1,759
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits