CWE-401

Medium likelihood

Missing Release of Memory after Effective Lifetime

Parent: CWE-772 - Missing Release of Resource after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

1,759 vulnerabilities with CWE-401
CVE-2020-1651 MEDIUM
Juniper Junos OS 17.2-18.1 - Denial of Service via Layer 2 Frame Memory Leak
CVSS 6.5
CVE-2020-13934 HIGH
Apache Tomcat 8.5.1-8.5.56, 9.0.0.M5-9.0.36, 10.0.0-M1-10.0.0-M6 - Denial of Service via h2c Direct Connection
CVSS 7.5
CVE-2020-8916 MEDIUM
Openthread wpantund < 2020-05-28 - Denial of Service via Memory Leak
CVSS 5.0
CVE-2020-12604 HIGH
Envoy <1.14.2-1.13.2-1.12.4 - Memory Corruption
CVSS 7.5
CVE-2020-15393 MEDIUM
Linux kernel <5.7.6 - Memory Corruption
CVSS 5.5
CVE-2020-15025 MEDIUM
ntp 4.2.8-4.2.8p14 and 4.3.x < 4.3.101 - Denial of Service via CMAC Key Memory Leak
CVSS 4.4
CVE-2020-12887 HIGH
Arm Mbed OS 5.15.3 - Memory Corruption
CVSS 7.5
CVE-2020-1883 MEDIUM
Huawei Products - Memory Corruption
CVSS 4.9
CVE-2020-3203 HIGH
Cisco IOS XE - Unauthenticated Denial of Service via PKI Packet Processing
CVSS 8.6
CVE-2020-3959 LOW
VMware Fusion 11.0.0-11.1.0 and Workstation 15.0.0-15.1.0 - Denial of Service via VMCI Module Memory Leak
CVSS 3.3
CVE-2020-13152 MEDIUM
Amarok 2.8.0 - Denial of Service via Crafted M3U Playlist File
CVSS 5.5
CVE-2020-12768 MEDIUM
Linux Kernel < 5.6 - Memory Leak in KVM SVM CPU Uninitialization
CVSS 5.5
CVE-2020-3195 HIGH
Cisco ASA & FTD OSPF Packet Processing Unauthenticated DoS
CVSS 7.5
CVE-2020-3189 HIGH
Cisco Firepower Threat Defense - Memory Leak
CVSS 8.6
CVE-2020-12656 MEDIUM
Linux Kernel < 5.6.10 - Memory Leak in rpcsec_gss_krb5 gss_mech_free
CVSS 5.5
CVE-2020-5883 HIGH
BIG-IP 13.1.0-13.1.3.1, 14.0.0-14.0.1, 14.1.0-14.1.2.3, 15.0.0-15.0.1 Memory Leak via HTTP Explicit Proxy
CVSS 7.5
CVE-2020-12430 MEDIUM
libvirt 4.10.0-6.x < 6.1.0 - Memory Leak in virDomainListGetStats API
CVSS 6.5
CVE-2020-4267 MEDIUM
IBM MQ 8.0.0.0-8.0.0.13, 9.1.0.0-9.1.0.3 & MQ Appliance 9.1.0-9.1.4 - Authenticated DoS via Memory Leak
CVSS 6.5
CVE-2020-1625 MEDIUM
Juniper Junos OS - Denial of Service via IRB Interface Flap Memory Leak
CVSS 6.5
CVE-2020-3914 MEDIUM
iPadOS < 13.4 - Unauthorized Memory Read via Memory Initialization Issue
CVSS 5.5
CVE-2020-6080 HIGH
libmicrodns 0.1.0 - Denial of Service via mDNS Message Parsing
CVSS 7.5
CVE-2020-6079 HIGH
libmicrodns 0.1.0 - Denial of Service via mDNS Message Parsing
CVSS 7.5
CVE-2020-10840 HIGH
Samsung mobile devices P(9.0)-Q(10.0) - Info Disclosure
CVSS 7.1
CVE-2020-10593 HIGH
Tor <0.3.5.10, 0.4.x <0.4.1.9, 0.4.2.x <0.4.2.7 - DoS
CVSS 7.5
CVE-2020-9431 HIGH
Wireshark 2.6.0-2.6.14, 3.0.0-3.0.8, 3.2.0-3.2.1 - Use-After-Free in LTE RRC Dissector
CVSS 7.5
Details
Vulnerabilities 1,759
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits