9 matches found
Missing Release of Resource after Effective Lifetime
Overview org.hibernate.reactive:hibernate-reactive-core is a The core module of Hibernate Reactive Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime by leaving transactions open in the connection pool. An attacker can cause resource exhaustio...
Missing Release of Resource after Effective Lifetime
Overview nicegui is a Create web-based user interfaces with Python. The nice way. Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime in the handledisconnect function, when using the Redis backend for tab storage. An attacker can cause service...
EUVD-2022-52806
Malicious code in bioql PyPI...
CVE-2024-45802
CVE-2024-45802 affects Squid; Debian security update DLA-4083-1 notes the fix disables ESI to mitigate a Denial of Service due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs. Other advisories (CloudLinux, ...
CVE-2024-45802 Squid Denial of Service
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...
Apache Answer: The link to reset the user's password will remain valid after sending a new link
Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...
CVE-2023-41094 Touchlink authentication bypass due to packets processed after timeout or out of range in Ember ZNet
TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration This issue affects Ember ZNet 7.1.x from 7.1.3...
CVE-2022-31222
Summary: CVE-2022-31222 concerns Dell BIOS on motherboard firmware, described as a Missing Release of Resource after Effective Lifetime vulnerability. The root cause is a failure to release resources after their intended lifecycle, enabling a local, authenticated administrator to exhaust memory a...
CVE-2021-34581 WAGO: Denial of Service vulnerability inside the OpenSSL implementation
Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device...