CVE-2017-14138 — CVSS 9.8 (critical): ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases…
CVE-2017-11641 — CVSS 9.8 (critical): GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache…
CVE-2020-14339 — CVSS 8.8 (high): A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows…
CVE-2017-13146 — CVSS 8.8 (high): In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
CVE-2017-11310 — CVSS 8.8 (high): The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via…
CVE-2017-11170 — CVSS 8.8 (high): The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via…
CVE-2026-20082 — CVSS 8.6 (high): A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software…
CVE-2025-30256 — CVSS 8.6 (high): A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted…
CVE-2024-2398 — CVSS 8.6 (high): When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the…
CVE-2023-20095 — CVSS 8.6 (high): A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense…
CVE-2022-20697 — CVSS 8.6 (high): A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker…
CVE-2021-1523 — CVSS 8.6 (high): A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated…
CVE-2018-0421 — CVSS 8.6 (high): A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a…
CVE-2017-12245 — CVSS 8.6 (high): A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker…
CVE-2026-35227: An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in…
CVE-2019-18198 — CVSS 7.8 (high): In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of…
CVE-2017-1000408 — CVSS 7.8 (high): A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please…
CVE-2017-0719 — CVSS 7.8 (high): A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1…
CVE-2010-4683 — CVSS 7.8 (high): Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a…
CVE-2008-3799 — CVSS 7.8 (high): Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote…
CVE-2021-1620 — CVSS 7.7 (high): A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE…
CVE-2020-15114 — CVSS 7.7 (high): In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However…
CVE-2019-18214 — CVSS 7.7 (high): The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions…
CVE-2019-1965 — CVSS 7.7 (high): A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to…
CVE-2026-13351 — CVSS 7.5 (high): Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously…
CVE-2026-42577 — CVSS 7.5 (high): Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to…
CVE-2026-39455 — CVSS 7.5 (high): When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic…
CVE-2026-2261 — CVSS 7.5 (high): Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked…
CVE-2026-2359 — CVSS 7.5 (high): Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to…
CVE-2025-36128 — CVSS 7.5 (high): IBM MQ 9.1, 9.2, 9.3, 9.4 LTS and 9.3, 9.4 CD is vulnerable to a denial of service, caused by improper enforcement of the timeout on…
CVE-2025-22891 — CVSS 7.5 (high): When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the…
CVE-2025-24120 — CVSS 7.5 (high): This issue was addressed by improved management of object lifetimes. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS…
CVE-2024-52303 — CVSS 7.5 (high): aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a…
CVE-2024-49769 — CVSS 7.5 (high): Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had…
CVE-2024-39562 — CVSS 7.5 (high): A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon (sshd)…
CVE-2024-21789 — CVSS 7.5 (high): When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory…