Vulnerabilities > Improper Resource Shutdown or Release

DATE CVE VULNERABILITY TITLE RISK
2021-02-18 CVE-2021-26906 Improper Resource Shutdown OR Release vulnerability in Digium Asterisk
An issue was discovered in res_pjsip_session.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5.
network
digium CWE-404
4.3
2021-01-06 CVE-2020-27283 Improper Resource Shutdown OR Release vulnerability in Redlion Crimson 3.1
An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory locations.
network
low complexity
redlion CWE-404
5.0
2020-12-28 CVE-2020-24360 Improper Resource Shutdown OR Release vulnerability in Arista EOS
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload.
low complexity
arista CWE-404
6.1
2020-12-11 CVE-2020-26411 Improper Resource Shutdown OR Release vulnerability in Gitlab
A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2).
network
low complexity
gitlab CWE-404
4.0
2020-11-12 CVE-2020-26070 Improper Resource Shutdown OR Release vulnerability in Cisco IOS XR
A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-404
7.8
2020-11-06 CVE-2020-28327 Improper Resource Shutdown OR Release vulnerability in multiple products
A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1.
network
high complexity
asterisk digium CWE-404
2.1
2020-10-21 CVE-2020-3555 Improper Resource Shutdown OR Release vulnerability in Cisco products
A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-404
7.8
2020-10-20 CVE-2020-4756 Improper Resource Shutdown OR Release vulnerability in IBM Elastic Storage Server and Spectrum Scale
IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash the keneral and cause a denial of service.
local
low complexity
ibm CWE-404
4.9
2020-09-16 CVE-2020-16233 Improper Resource Shutdown OR Release vulnerability in Wibu Codemeter
An attacker could send a specially crafted packet that could have CodeMeter (All versions prior to 7.10) send back packets containing data from the heap.
network
low complexity
wibu CWE-404
5.0
2020-09-15 CVE-2020-16100 Improper Resource Shutdown OR Release vulnerability in Gallagher Command Centre
It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service's DCOM websocket thread due to improper shutdown of closed websocket connections, preventing it from accepting future DCOM websocket (Configuration Client) connections.
network
low complexity
gallagher CWE-404
5.0