Vulnerabilities > Missing Release of Resource after Effective Lifetime

DATE CVE VULNERABILITY TITLE RISK
2017-04-11 CVE-2015-8568 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
local
low complexity
qemu debian CWE-772
6.5
2017-04-10 CVE-2017-7624 Missing Release of Resource after Effective Lifetime vulnerability in Entropymine Imageworsener 1.3.0
The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.
local
low complexity
entropymine CWE-772
5.5
2017-04-10 CVE-2017-7377 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.
local
low complexity
qemu debian CWE-772
6.0
2017-04-09 CVE-2017-7594 Missing Release of Resource after Effective Lifetime vulnerability in Libtiff 4.0.7
The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.
local
low complexity
libtiff CWE-772
5.5
2017-04-07 CVE-2017-6599 Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS XR 6.1.1/6.2.1
A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash due to a system memory leak, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-772
5.3
2017-04-01 CVE-2017-7396 Missing Release of Resource after Effective Lifetime vulnerability in Tigervnc 1.7.1
In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.
network
low complexity
tigervnc CWE-772
7.5
2017-04-01 CVE-2017-7392 Missing Release of Resource after Effective Lifetime vulnerability in Tigervnc 1.7.1
In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server.
network
low complexity
tigervnc CWE-772
7.5
2017-03-24 CVE-2017-5507 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
network
low complexity
imagemagick debian CWE-772
7.5
2017-03-15 CVE-2017-6414 Missing Release of Resource after Effective Lifetime vulnerability in Libcacard Project Libcacard 2.5.0/2.5.1/2.5.2
Memory leak in the vcard_apdu_new function in card_7816.c in libcacard before 2.5.3 allows local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object.
local
low complexity
libcacard-project CWE-772
6.5
2017-03-15 CVE-2017-6386 Missing Release of Resource after Effective Lifetime vulnerability in Virglrenderer Project Virglrenderer
Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_OBJECT_VERTEX_ELEMENTS commands.
local
low complexity
virglrenderer-project CWE-772
6.5