CWE:
 

Topic
Date
Author
Med.
QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection
13.07.2018
Core Security Technolo...


CVEMAP Search Results

CVE
Details
Description
2019-12-31
Low
CVE-2019-20159

Vendor: GPAC
Software: GPAC
 

 
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a memory leak in dinf_New() in isomedia/box_code_base.c.

 
Low
CVE-2019-20171

Vendor: GPAC
Software: GPAC
 

 
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There are memory leaks in metx_New in isomedia/box_code_base.c and abst_Read in isomedia/box_code_adobe.c.

 
2019-12-30
Medium
CVE-2019-20095

Vendor: Linux
Software: Linux kernel
 

 
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.

 
2019-12-27
Low
CVE-2019-20052

Vendor: Matio project
Software: Matio
 

 
A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.

 
Low
CVE-2019-20023

Vendor: Libsixel project
Software: Libsixel
 

 
A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4.

 
2019-12-24
Medium
CVE-2019-19956

Vendor: Xmlsoft
Software: Libxml2
 

 
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.

 
2019-12-23
High
CVE-2019-6681

Vendor: F5
Software: Big-ip local...
 

 
On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache (MFC) handling in tmrouted.

 
2019-12-13
Medium
CVE-2019-5248

Updating...
 

 
CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses the specific packet. As a result, the attacker can exploit this vulnerability to cause DoS attacks on the target device.

 
2019-12-12
Medium
CVE-2017-18640

Vendor: Snakeyaml project
Software: Snakeyaml
 

 
The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

 
2019-12-05
Medium
CVE-2019-16770

Vendor: PUMA
Software: PUMA
 

 
In Puma before version 4.3.2, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough.

 

 


Copyright 2020, cxsecurity.com

 

Back to Top