Vulnerabilities > Missing Release of Resource after Effective Lifetime

DATE CVE VULNERABILITY TITLE RISK
2017-02-15 CVE-2017-5997 Missing Release of Resource after Effective Lifetime vulnerability in SAP Kernel 7.21/7.22/7.42
The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972.
network
low complexity
sap CWE-772
5.0
2017-02-06 CVE-2017-2596 Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
local
low complexity
linux CWE-772
6.5
2017-02-03 CVE-2017-3812 Missing Release of Resource after Effective Lifetime vulnerability in Cisco Industrial Ethernet 2000 Series Firmware
A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak.
network
cisco CWE-772
7.1
2017-01-26 CVE-2017-3803 Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS 15.2(2)E3/15.2(4)E1
A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition.
low complexity
cisco CWE-772
3.3
2016-12-23 CVE-2016-9912 Missing Release of Resource after Effective Lifetime vulnerability in Qemu
Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue.
local
low complexity
qemu CWE-772
4.9
2016-12-23 CVE-2016-9911 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue.
local
low complexity
qemu debian redhat CWE-772
6.5
2016-12-23 CVE-2016-9907 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw.
local
low complexity
qemu debian redhat CWE-772
6.5
2016-12-10 CVE-2016-7995 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes.
local
low complexity
qemu opensuse CWE-772
6.0
2016-12-10 CVE-2016-7994 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CREATE_2D commands.
local
low complexity
qemu opensuse CWE-772
2.1
2016-12-10 CVE-2016-7466 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.
local
low complexity
qemu opensuse redhat CWE-772
6.0