CWE-401 · Missing Release of Memory after Effective Lifetime
1795 CVEs classified under CWE-401 (Missing Release of Memory after Effective Lifetime). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-0742 | Critical | 9.1 | 2022-03-18 | Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or… |
CVE-2024-25450 | High | 8.8 | 2024-02-09 | imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts(). |
CVE-2023-33718 | High | 8.8 | 2023-05-31 | mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString() at mp4file_io.cpp |
CVE-2021-40633 | High | 8.8 | 2022-06-14 | A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via… |
CVE-2021-3492 | High | 8.8 | 2021-04-17 | Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. Thes… |
CVE-2019-17340 | High | 8.8 | 2019-10-08 | An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests… |
CVE-2019-6128 | High | 8.8 | 2019-01-11 | The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. |
CVE-2026-20012 | High | 8.6 | 2026-03-25 | A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Ap… |
CVE-2025-20239 | High | 8.6 | 2025-08-14 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA… |
CVE-2025-20133 | High | 8.6 | 2025-08-14 | A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could… |
CVE-2024-20304 | High | 8.6 | 2024-09-11 | A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the… |
CVE-2021-34792 | High | 8.6 | 2021-10-27 | A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthe… |
CVE-2021-41145 | High | 8.6 | 2021-10-25 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on… |
CVE-2021-34698 | High | 8.6 | 2021-10-06 | A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system… |
CVE-2021-1387 | High | 8.6 | 2021-02-24 | A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an… |
CVE-2021-1313 | High | 8.6 | 2021-02-04 | Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial o… |
CVE-2020-3572 | High | 8.6 | 2020-10-21 | A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allo… |
CVE-2020-3373 | High | 8.6 | 2020-10-21 | A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Softwar… |
CVE-2020-3203 | High | 8.6 | 2020-06-03 | A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS… |
CVE-2020-3189 | High | 8.6 | 2020-05-06 | A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to ca… |