Lucene search
K

31 matches found

ICS
ICS
added 2023/12/14 7:0 a.m.30 views

Johnson Controls Kantech Gen1 ioSmart

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable from adjacent network Vendor : Sensormatic Electronics, LLC, an affiliate of Johnson Controls Inc. Equipment : Kantech Gen1 ioSmart card reader Vulnerability : Missing Release of Memory after Effective Lifetime 2. RISK EVALUATION...

7.5CVSS6.3AI score0.003EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2023/10/04 8:1 p.m.22 views

CVE-2023-41094 Touchlink authentication bypass due to packets processed after timeout or out of range in Ember ZNet

TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration This issue affects Ember ZNet 7.1.x from 7.1.3...

10CVSS9.5AI score0.00575EPSS
Exploits0References1
Prion
Prion
added 2023/01/13 12:15 a.m.31 views

Design/Logic Flaw

A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon flowd of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is...

5CVSS7.4AI score0.00644EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/12 12:0 a.m.49 views

Juniper Junos OS Vulnerability (JSA70213)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70213 advisory. - A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon flowd of Juniper Networks Junos OS allows a network-based, unauthenticated...

7.5CVSS7.4AI score0.00644EPSS
Exploits0References2
OSV
OSV
added 2022/11/14 7:7 p.m.8 views

GSD-2022-1007121 jbd2: add miss release buffer head in fc_do_one_pass()

jbd2: add miss release buffer head in fcdoonepass This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...

7.4AI score
Exploits0
Prion
Prion
added 2022/11/11 4:15 p.m.21 views

Design/Logic Flaw

Missing release of memory after effective lifetime in firmware for IntelR SPS before versions SPSE306.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access...

1.7CVSS5.2AI score0.00169EPSS
Exploits0References1Affected Software1
Veracode
Veracode
added 2022/11/09 3:6 a.m.24 views

Denial Of Service (DoS)

libgpac.so is vulnerable to Denial Of Service. The vulnerability exists in the loadxmtdone function of loaderxmt.c because of the missing release of allocated memory after an effective lifetime in detect-character-encoding which allows to the attacker to crash the application...

5.5CVSS5.5AI score0.00284EPSS
Exploits1References4Affected Software2
CVE
CVE
added 2022/09/12 6:35 p.m.76 views

CVE-2022-31222

Summary: CVE-2022-31222 concerns Dell BIOS on motherboard firmware, described as a Missing Release of Resource after Effective Lifetime vulnerability. The root cause is a failure to release resources after their intended lifecycle, enabling a local, authenticated administrator to exhaust memory a...

4.4CVSS4.5AI score0.00176EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/08/03 12:0 a.m.38 views

Juniper Junos OS Vulnerability (JSA69719)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA69719 advisory. - A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module PAM of Juniper Networks Junos OS and Junos OS Evolv...

6.5CVSS5.8AI score0.00543EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2022/05/13 1:50 a.m.29 views

Missing Release of Resource after Effective Lifetime in Jenkins

A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials...

7.5CVSS4.4AI score0.01673EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/08/31 10:33 a.m.24 views

CVE-2021-34581 WAGO: Denial of Service vulnerability inside the OpenSSL implementation

Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device...

7.5CVSS7.6AI score0.01022EPSS
Exploits0References1
Rows per page
Query Builder