Vulnerabilities > Improper Resource Shutdown or Release
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-19 | CVE-2017-1000369 | Improper Resource Shutdown or Release vulnerability in multiple products Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. | 4.0 |
| 2017-06-16 | CVE-2016-10363 | Improper Resource Shutdown or Release vulnerability in Elastic Logstash Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. | 7.5 |
| 2017-05-18 | CVE-2017-9059 | Improper Resource Shutdown or Release vulnerability in Linux Kernel The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak. | 5.5 |
| 2017-05-12 | CVE-2017-8925 | Improper Resource Shutdown or Release vulnerability in multiple products The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling. | 5.5 |
| 2017-05-11 | CVE-2017-7472 | Improper Resource Shutdown or Release vulnerability in Linux Kernel The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls. | 5.5 |
| 2017-04-23 | CVE-2017-8071 | Improper Resource Shutdown or Release vulnerability in Linux Kernel drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via unspecified vectors. | 5.5 |
| 2017-04-17 | CVE-2017-5650 | Improper Resource Shutdown or Release vulnerability in Apache Tomcat In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. | 7.5 |
| 2017-03-20 | CVE-2017-1145 | Improper Resource Shutdown or Release vulnerability in IBM Websphere MQ 8.0.0.6 IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. | 8.6 |
| 2017-02-03 | CVE-2016-8212 | Improper Resource Shutdown or Release vulnerability in Dell Bsafe Crypto-J An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. | 7.5 |
| 2010-10-21 | CVE-2010-4038 | Improper Resource Shutdown or Release vulnerability in Google Chrome The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a shutdown action, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | 7.5 |