Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
CWE-772
CVE-2018-21028
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls to the free function.
CVE-2018-20657
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.
CVE-2018-20622
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when “–output-format jp2” is used.
CVE-2018-20540
There is memory leak at liblas::Open (liblas/liblas.hpp) in libLAS 1.8.1.
CVE-2018-20407
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42hls.