Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

CVEs (1,736)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-6304 3Nodejs NovellOpenssl 3Node.js OpensslSuse Linux Enterprise Module For Web Scripting May 6, 2026 Sep 26, 2016 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
CVE-2016-4232 1Adobe 2Flash Player Flash Player Desktop Runtime May 6, 2026 Jul 13, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vecto...Show more Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors.Show less
CVE-2009-5063 1Libpng 1Libpng Apr 29, 2026 Aug 31, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing...Show more Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244.Show less
CVE-2010-2942 6Avaya CanonicalLinux+3 more 13Aura Communication Manager Aura Presence ServicesAura Session Manager+10 more Apr 29, 2026 Sep 21, 2010 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to o...Show more The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.Show less
CVE-2010-2249 8Apple CanonicalDebian+5 more 12Debian Linux FedoraIphone Os+9 more Apr 29, 2026 Jun 30, 2010 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Sca...Show more Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.Show less
CVE-2009-1378 2Canonical Openssl 2Openssl Ubuntu Linux Apr 23, 2026 May 19, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS recor...Show more Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."Show less
CVE-2009-0581 4Gimp LittlecmsMozilla+1 more 4Firefox GimpLittle Cms+1 more Apr 23, 2026 Mar 23, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) v...Show more Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.Show less
CVE-2008-3913 2Clamav Debian 2Clamav Debian Linux Apr 23, 2026 Sep 11, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".
CVE-2007-2274 1Opera 1Opera Browser Apr 23, 2026 Apr 25, 2007 N/A· v4 N/A· v3 7.8 HIGH· v2 The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a mem...Show more The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a memory leak, but it is not certain.Show less
CVE-2005-3181 4Canonical DebianLinux+1 more 4Debian Linux LinuxLinux Kernel+1 more Apr 16, 2026 Oct 12, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDI...Show more The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).Show less
CVE-2005-3119 1Linux 1Linux Kernel Apr 16, 2026 Oct 12, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token...Show more Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.Show less
CVE-2004-0427 1Linux 1Linux Kernel Apr 16, 2026 Jul 7, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers...Show more The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.Show less
CVE-2004-0222 1Openbsd 1Openbsd Apr 16, 2026 May 4, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2002-0574 1Freebsd 1Freebsd Apr 16, 2026 Jul 3, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table ent...Show more Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed.Show less
CVE-2001-0543 1Microsoft 3Exchange Server Windows 2000Windows Nt Apr 16, 2026 Sep 20, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.
CVE-2001-0136 4Conectiva DebianMandrakesoft+1 more 4Debian Linux LinuxMandrake Linux+1 more Apr 16, 2026 Mar 12, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.

Previous 1...83 84 85 8687