927 matches found
EUVD-2026-42279
Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...
ROS-20260629-73-0009
The vulnerability in ImageMagick 7 is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2026-53300
In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix NTMP DMA use-after-free issue The AI-generated review reported a potential DMA use-after-free issue 1. If netcxmitntmpcmd times out and returns an error, the pending command is not explicitly aborted, while...
PT-2026-52939
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the enetc network driver regarding NTMP DMA Direct Memory Access operations. If the netc xmit ntmp cmd function times out and returns an error, the pendi...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: - media: cx25821: Fixed a resource leak in cx25821devsetup - Added releasememregion if ioremap fails to release the memory region obtained by cx25821getresources...
PT-2026-50866
Name of the Vulnerable Software and Affected Versions GPU DDK affected versions not specified Description Software run by a non-privileged user can perform improper GPU system calls leading to resource mismanagement. This occurs when a shared memory page, managed by a CPU driver thread and access...
ROS-20260617-73-0001
The vulnerability in ImageMagick 7 is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime due to improper cleanup of pooled direct-memory buffers in the RedisArrayAggregator function. An attacker can exhaust the JVM-wide direct-memory pool by repeatedly opening and closing...
ROS-20260611-73-0039
The vulnerability of the Linux operating system’s network protocol implementation is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges and cause service interruptions...
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime in the wand option parser when invalid arguments are provided. An attacker can cause increased memory consumption by supplying specially crafted input. Remediation A fix was pushed into...
CVE-2026-46308
A flaw was found in the Linux kernel, specifically within the pmdomain: mediatek component. An issue in the scpsysgetbusprotectionlegacy function's error handling could lead to a use-after-free vulnerability. This occurs when memory is prematurely released before error checks are completed, which...
PT-2026-47368
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL-pointer dereference occurs during driver unbind in the spi: s3c64xx component. This happens because a DMA channel deallocation was incorrectly left in the remove function after th...
mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase
A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...
mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase
A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...
CVE-2026-46011
A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: hisilicon: hi3559a: A mistake in the devmkfree function has been fixed. 'pclk' is an array allocated just before the for loop for all clk elements that need to be registered. It is incremented at each loop iteration. If a...
Astra Linux – Vulnerability in Parsec
The vulnerability of the pdp-ls utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux – Vulnerability in parsec-cups
The vulnerability of the Parsec Cups protection and marking mechanism is related to the improper release of memory before deleting the last reference. Exploiting this vulnerability allows a hacker to trigger a service failure...
Astra Linux – Vulnerability in Parsec
The vulnerability of the parsecchkislocaladmin function in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux – Vulnerability in Parsec
The vulnerability of the psaud utility within the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...