Total
1242 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2025-20252 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense Software | 2025-08-15 | 5.8 Medium |
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition. | ||||
CVE-2025-20224 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense Software | 2025-08-15 | 5.8 Medium |
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition. | ||||
CVE-2025-20133 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense Software | 2025-08-15 | 8.6 High |
A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS condition. This vulnerability is due to ineffective validation of user-supplied input during the Remote Access SSL VPN authentication process. An attacker could exploit this vulnerability by sending a crafted request to the VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition where the device stops responding to Remote Access SSL VPN authentication requests. | ||||
CVE-2025-20135 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense Software | 2025-08-15 | 4.3 Medium |
A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to exhaust available memory. This vulnerability is due to improper validation of incoming DHCP packets. An attacker could exploit this vulnerability by repeatedly sending crafted DHCPv4 packets to an affected device. A successful exploit could allow the attacker to exhaust available memory, which would affect availability of services and prevent new processes from starting, resulting in a Denial of Service (DoS) condition that would require a manual reboot. Note: On Cisco Secure FTD Software, this vulnerability does not affect management interfaces. | ||||
CVE-2025-20225 | 1 Cisco | 4 Adaptive Security Appliance Software, Firepower Threat Defense Software, Ios and 1 more | 2025-08-15 | 5.8 Medium |
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to a lack of proper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. In the case of Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly. In the case of Cisco ASA and FTD Software, a successful exploit could allow the attacker to partially exhaust system memory, causing system instability such as being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition. | ||||
CVE-2025-20254 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense Software | 2025-08-15 | 5.8 Medium |
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition. | ||||
CVE-2025-20077 | 1 Intel | 1 Reference Server Platforms | 2025-08-13 | 5.3 Medium |
Missing release of memory after effective lifetime in the UEFI OobRasMmbiHandlerDriver module for some Intel(R) reference server platforms may allow a privileged user to enable denial of service via local access. | ||||
CVE-2024-6875 | 1 Redhat | 1 Jboss Data Grid | 2025-08-13 | 6.5 Medium |
A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API. | ||||
CVE-2024-1300 | 1 Redhat | 20 A Mq Clients, Amq Broker, Amq Streams and 17 more | 2025-08-12 | 5.4 Medium |
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error. | ||||
CVE-2024-1023 | 1 Redhat | 20 A Mq Clients, Amq Broker, Amq Streams and 17 more | 2025-08-12 | 6.5 Medium |
A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP client establishes connections to different hosts, triggering the memory leak. The leak can be accelerated with intimate runtime knowledge, allowing an attacker to exploit this vulnerability. For instance, a server accepting arbitrary internet addresses could serve as an attack vector by connecting to these addresses, thereby accelerating the memory leak. | ||||
CVE-2025-24844 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-08-12 | 3.3 Low |
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. | ||||
CVE-2025-24925 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-08-12 | 3.3 Low |
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. | ||||
CVE-2025-27562 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-08-12 | 3.3 Low |
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. | ||||
CVE-2023-33049 | 1 Qualcomm | 202 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 199 more | 2025-08-11 | 7.5 High |
Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage. | ||||
CVE-2023-33086 | 1 Qualcomm | 314 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 311 more | 2025-08-11 | 7.5 High |
Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers. | ||||
CVE-2024-5294 | 2 D-link, Dlink | 3 Dir-3040, Dir-3040, Dir-3040 Firmware | 2025-08-06 | 6.5 Medium |
D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi program, which handles HNAP requests made to the lighttpd webserver listening on ports 80 and 443. The issue results from the lack of proper memory management when processing HTTP cookie values. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. . Was ZDI-CAN-21668. | ||||
CVE-2025-53537 | 1 Oisf | 1 Libhtp | 2025-08-05 | 7.5 High |
LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To workaround this issue, set `suricata.yaml app-layer.protocols.http.libhtp.default-config.lzma-enabled` to false. This issue is fixed in version 0.5.51. | ||||
CVE-2023-7192 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2025-08-03 | 5.5 Medium |
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. | ||||
CVE-2025-1634 | 1 Redhat | 3 Amq Streams, Camel Quarkus, Quarkus | 2025-08-01 | 7.5 High |
A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError. | ||||
CVE-2025-8225 | 1 Gnu | 1 Binutils | 2025-08-01 | 3.3 Low |
A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is recommended to apply a patch to fix this issue. |