Vulnerabilities > Improper Release of Memory Before Removing Last Reference ('Memory Leak')

DATE CVE VULNERABILITY TITLE RISK
2023-10-30 CVE-2023-5349 Memory Leak vulnerability in multiple products
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick.
local
low complexity
rmagick fedoraproject CWE-401
3.3
2023-10-13 CVE-2023-44183 Memory Leak vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series, EX4600 Series devices allows an unauthenticated, adjacent attacker, sending two or more genuine packets in the same VxLAN topology to possibly cause a DMA memory leak to occur under various specific operational conditions.
high complexity
juniper CWE-401
5.3
2023-10-13 CVE-2023-44192 Memory Leak vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS). On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed.
network
low complexity
juniper CWE-401
7.5
2023-10-13 CVE-2023-44193 Memory Leak vulnerability in Juniper Junos
An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS). On all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CFM) is enabled in a VPLS scenario, and a specific LDP related command is run, an FPC will crash and reboot.
local
low complexity
juniper CWE-401
5.5
2023-10-12 CVE-2023-22392 Memory Leak vulnerability in Juniper Junos
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). PTX3000, PTX5000, QFX10000, PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs do not support certain flow-routes.
low complexity
juniper CWE-401
6.5
2023-10-12 CVE-2023-45511 Memory Leak vulnerability in Justdan96 Tsmuxer Nightly20231005015556
A memory leak in tsMuxer version git-2539d07 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
local
low complexity
justdan96 CWE-401
5.5
2023-10-10 CVE-2023-40534 Memory Leak vulnerability in F5 products
When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
network
low complexity
f5 CWE-401
7.5
2023-10-09 CVE-2023-44821 Memory Leak vulnerability in Lcdf Gifsicle
Gifsicle through 1.94, if deployed in a way that allows untrusted input to affect Gif_Realloc calls, might allow a denial of service (memory consumption).
local
low complexity
lcdf CWE-401
5.5
2023-10-04 CVE-2023-3576 Memory Leak vulnerability in multiple products
A memory leak flaw was found in Libtiff's tiffcrop utility.
local
low complexity
libtiff fedoraproject redhat CWE-401
5.5
2023-10-04 CVE-2022-4132 Memory Leak vulnerability in multiple products
A flaw was found in JSS.
network
high complexity
dogtagpki redhat CWE-401
5.9