Vulnerabilities > Incomplete Cleanup
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2024-21617 | Incomplete Cleanup vulnerability in Juniper Junos An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service (DoS). On all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. | 6.5 |
| 2023-12-05 | CVE-2023-41835 | Incomplete Cleanup vulnerability in Apache Struts When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to versions Struts 2.5.32 or 6.1.2.2 or Struts 6.3.0.1 or greater, which fixe this issue. | 7.5 |
| 2023-11-14 | CVE-2021-46766 | Incomplete Cleanup vulnerability in AMD products Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality. | 5.5 |
| 2023-11-14 | CVE-2022-43477 | Incomplete Cleanup vulnerability in Intel Unison Software 20.14.2.3053/20.14.4244 Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2023-11-14 | CVE-2022-46298 | Incomplete Cleanup vulnerability in Intel Unison Software 20.14.2.3053/20.14.4244 Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. | 4.4 |
| 2023-07-13 | CVE-2023-35945 | Incomplete Cleanup vulnerability in multiple products Envoy is a cloud-native high-performance edge/middle/service proxy. | 7.5 |
| 2023-06-29 | CVE-2023-36468 | Incomplete Cleanup vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2023-06-20 | CVE-2023-2400 | Incomplete Cleanup vulnerability in Devolutions Server Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access. | 2.7 |
| 2023-05-10 | CVE-2022-40974 | Incomplete Cleanup vulnerability in Intel Integrated Performance Primitives Cryptography Incomplete cleanup in the Intel(R) IPP Cryptography software before version 2021.6 may allow a privileged user to potentially enable information disclosure via local access. | 5.5 |
| 2023-04-19 | CVE-2023-20862 | Incomplete Cleanup vulnerability in multiple products In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. | 6.3 |