917 matches found
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime due to improper cleanup of pooled direct-memory buffers in the RedisArrayAggregator function. An attacker can exhaust the JVM-wide direct-memory pool by repeatedly opening and closing...
ROS-20260611-73-0039
The vulnerability of the Linux operating system’s network protocol implementation is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges and cause service interruptions...
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime in the wand option parser when invalid arguments are provided. An attacker can cause increased memory consumption by supplying specially crafted input. Remediation A fix was pushed into...
CVE-2026-46308
A flaw was found in the Linux kernel, specifically within the pmdomain: mediatek component. An issue in the scpsysgetbusprotectionlegacy function's error handling could lead to a use-after-free vulnerability. This occurs when memory is prematurely released before error checks are completed, which...
PT-2026-47368
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL-pointer dereference occurs during driver unbind in the spi: s3c64xx component. This happens because a DMA channel deallocation was incorrectly left in the remove function after th...
mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase
A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...
mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase
A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...
CVE-2026-46011
A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...
Astra Linux - уязвимость в parsec
The vulnerability of the pdpl-file utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в parsec
The vulnerability of the pdp-ls utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в parsec
The vulnerability of the freetree function in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в parsec
The vulnerability of the pdpl-user utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
SUSE CVE-2026-43295
In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...
EUVD-2026-29632
Missing release of memory after effective lifetime in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...
CVE-2026-35424
Missing release of memory after effective lifetime in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
Missing release of memory after effective lifetime in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...
ROS-20260512-73-0011
Vulnerability in hdf5 related to memory usage after memory release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
PT-2026-40185
Missing release of memory after effective lifetime in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...
EUVD-2026-28565
In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...
CVE-2026-43473
CVE-2026-43473 affects the Linux kernel's mpi3mr SCSI driver. The vulnerability occurs when the driver cleans up resources and the reply/request queues are NULL due to memory being freed after a failed queue creation. The cleanup code may then dereference or mem-set freed memory, causing a system...