29 matches found
CVE-2025-65947
thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the threadamount function calls CreateToolhelp32Snapshot but fails to close the return...
CVE-2025-65947
thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the threadamount function calls CreateToolhelp32Snapshot but fails to close the return...
CVE-2025-65947 thread-amount is Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS
thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the threadamount function calls CreateToolhelp32Snapshot but fails to close the return...
CVE-2025-65947 thread-amount is Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS
thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the threadamount function calls CreateToolhelp32Snapshot but fails to close the return...
CVE-2025-65947
CVE-2025-65947 affects the thread_amount crate. Before v0.2.2, Windows builds leak handles (CreateToolhelp32Snapshot handles not closed) and macOS builds leak memory (allocated thread lists not deallocated via vm_deallocate). Repeated queries can exhaust handles or memory, risking instability or ...
CVE-2025-65947 thread-amount is Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS
thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the threadamount function calls CreateToolhelp32Snapshot but fails to close the return...
GHSA-JF9P-2FV9-2JP2 thread-amount Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS
Affected versions of this crate contain resource leaks when querying thread counts on Windows and Apple platforms. Windows The threadamount function calls CreateToolhelp32Snapshot but fails to close the returned HANDLE using CloseHandle. Repeated calls to this function will cause the handle count...
thread-amount Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS
Affected versions of this crate contain resource leaks when querying thread counts on Windows and Apple platforms. Windows The threadamount function calls CreateToolhelp32Snapshot but fails to close the returned HANDLE using CloseHandle. Repeated calls to this function will cause the handle count...
EUVD-2024-25616
Malicious code in bioql PyPI...
CVE-2023-53290 samples/bpf: Fix fout leak in hbm's run_bpf_prog
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...
CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)
Overview During a Virtual Desktop Infrastructure VDI breakout assessment, Rapid7 identified a Local Privilege Escalation LPE vulnerability affecting Citrix Virtual Apps and Desktops. This issue was assigned CVE-2025-6759 and has a CVSS score of 7.3 High. Rapid7 observed a SYSTEM process handle wi...
CVE-2024-28519
A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld Technologies Inc eScan Antivirus could allow privilege escalation for low-privileged users...
Microsoft go-crypto-winnative 安全漏洞
Microsoft go-crypto-winnative is a library from Microsoft Corporation USA. A security vulnerability exists in go-crypto-winnative, which stems from a call to cng.TLS1PRF that does not release the key handle, creating a small memory leak each time...
eScan Antivirus 安全漏洞
eScan Antivirus is a network anti-virus security software from eScan. A security vulnerability exists in eScan Antivirus version 4.0.0.49, which stems from a leaky kernel handle issue that could allow privilege escalation by a low-privileged user...
CVE-2024-28519
A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld Technologies Inc eScan Antivirus could allow privilege escalation for low-privileged users...
PT-2024-22450 · Microworld Technologies · Escan Antivirus
Name of the Vulnerable Software and Affected Versions: MicroWorld Technologies Inc eScan Antivirus version 4.0.0.49 Description: A kernel handle leak issue in ProcObsrvesx.sys could allow privilege escalation for low-privileged users. Recommendations: For version 4.0.0.49, consider updating to a...
CVE-2024-28519
A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld Technologies Inc eScan Antivirus could allow privilege escalation for low-privileged users...
undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...
kernel: iscsi: unrestricted access to sessions and handles
A flaw was found in the way access to sessions and handles was handled in the iSCSI driver in the Linux kernel. A local user could use this flaw to leak iSCSI transport handle kernel address or end arbitrary iSCSI connections on the system...
kernel: iscsi: unrestricted access to sessions and handles
A flaw was found in the way access to sessions and handles was handled in the iSCSI driver in the Linux kernel. A local user could use this flaw to leak iSCSI transport handle kernel address or end arbitrary iSCSI connections on the system...