CVE-2026-49975 Apache HTTP Server: mod_http2 denial of service

Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's modhttp leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67...

EUVD-2026-30411

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixeldecoderaw and sixeldecode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter alway...

MiracleLinux 8 : java-17-openjdk-17.0.1.0.12-2.el8 (AXSA:2021-2878:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2878:03 advisory. OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation Libraries, 8266689 CVE-2021-35567 OpenJDK: Excessive memory...

SUSE CVE-2025-38727

In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlinkunicast netlinkattachskb checks for the socket's read memory allocation constraints. Firstly, it has: rmem skrcvbuf to check if the just increased rmem value fits into the socket's...

kernel: nfsd: don't ignore the return code of svc_proc_register()

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...

CVE-2023-52670

In the Linux kernel, the following vulnerability has been resolved: rpmsg: virtio: Free driveroverride when rpmsgremove Free driveroverride when rpmsgremove, otherwise the following memory leak will occur: unreferenced object 0xffff0000d55d7080 size 128: comm "kworker/u8:2", pid 56, jiffies...

CVE-2024-2494 Libvirt: negative g_new0 length can lead to unbounded memory allocation

A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the gnew0 function results in a crash due to the negative length being...

kernel: scsi: mpi3mr: Use number of bits to manage bitmap sizes

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long...

ARM Mali GPU Kernel Driver < r41p0 Use After Free (CVE-2022-42716)

The version of the Mali GPU Kernel Driver installed on the remote system is prior to r41p0 running on Valhall architecture. It is, therefore affected by a use-after-free error. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. Note that Ness...

SUSE SLES15 / openSUSE 15 Security Update : distribution (SUSE-SU-2023:2154-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2154-1 advisory. - A flaw was found in the /v2/catalog endpoint in distribution/distribution, which accepts a parameter to control the maximum...

GSD-2022-1007844 netfilter: ipset: enforce documented limit to prevent allocating huge memory

netfilter: ipset: enforce documented limit to prevent allocating huge memory This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.8 by commit...

CVE-2022-35009

PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asanmalloclinux.cpp...

CVE-2022-30775

xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKECXXCOMPILER=afl-clang-fast++ option...

Code injection

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

Code injection

An issue has been found in libIEC61850 v1.3.1. Memorymalloc and Memorycalloc in hal/memory/libmemory.c have memory leaks when called from mms/isomms/common/mmsvalue.c, server/mmsmapping/mmsmapping.c, and server/mmsmapping/mmssv.c via common/stringutilities.c, as demonstrated by...

CVE-2018-17942

The converttodecimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing...

CVE-2017-15124

VNC server implementation in Quick Emulator QEMU 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto th...

CVE-2017-9469

In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash...

CVE-2007-5939

The gssuserok function in appl/ftp/ftpd/gssuserok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported for ftpd.c, but this is...