CWE-404 737 個 CVE MITRE 定義 ↗

CWE-404:Improper Resource Shutdown or Release

概覽

CWE-404(Improper Resource Shutdown or Release)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

The product does not release or incorrectly releases a resource before it is made available for re-use.

適用平台

類型 名稱 普遍性 OS / CPE
language Not Language-Specific Undetermined

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2026-14801 2026-07-06 A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtin_probe_duration of the file src/filters/load_text.c of the component Te…
CVE-2026-14790 2026-07-05 A flaw has been found in GPAC 26.02.0. This affects the function nhmldump_send_frame of the file src/filters/write_nhml.c of the component Media File Handler. Executing a manipulation can lead to null…
CVE-2026-14651 2026-07-04 A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grass_compiler::selector::extend/grass_compiler::evaluate::visitor. The manipulation leads to den…
CVE-2026-14650 2026-07-04 A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grass_compiler::raw_to_parse_error of the component UTF-8 Character Handler. Executing a manipulation can …
CVE-2026-14629 2026-07-04 A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sys_ioctl of the file components/lwp/lwp_syscall.c of the component Parameter Handler. Executing a manipulation can …
CVE-2026-14626 2026-07-04 A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.run_conversation of the file run_agent.py of the component HTTP API. This mani…
CVE-2026-14624 2026-07-04 A vulnerability was identified in omec-project amf up to 2.0.2/2.1.1. Impacted is an unknown function of the file /go/src/amf/ngap/handler.go of the component NGSetupRequest Handler. The manipulation …
CVE-2026-14623 2026-07-04 A vulnerability was determined in omec-project amf up to 2.1.1. This issue affects the function RRCInactiveTransitionReport of the component NGAP Message Handler. Executing a manipulation can lead to …
CVE-2026-14618 2026-07-04 A vulnerability was detected in Open5GS up to 2.7.7. Affected by this vulnerability is the function amf_nnrf_handle_nf_discover of the file src/amf/nnrf-handler.c of the component AMF. The manipulatio…
CVE-2026-12575 2026-07-01 DVP80ES3 with  Improper Resource Shutdown or Release vulnerability.
CVE-2026-13523 2026-06-28 A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly co…
CVE-2026-13491 2026-06-28 A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqtt_protocol.cc of the component MQTT Goodbye…
CVE-2026-38641 2026-06-26 An issue in the DSO::mmap_and_copy function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via loading a crafted shared library.
CVE-2026-54280 2026-06-22 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a pay…
CVE-2026-11317 2026-06-16 A denial of service security issue exists in the affected product. The security issue stems from a fault occurring when a crafted CIP message is sent. Devices with less memory are more likely to be af…
CVE-2026-45174 2026-06-11 Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19
CVE-2026-47213 2026-06-10 Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. In versions 0.8.2 and prior, Boxlite allows u…
CVE-2026-11312 2026-06-04 A vulnerability was found in bytedance InfiniStore up to 0.2.33. The impacted element is the function purge_kv_map in the library /src/infinistore.h of the component KV Map Handler. Performing a manip…
CVE-2026-10802 2026-06-04 A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL A…
CVE-2026-10775 2026-06-03 A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the component Cache Handler. This manipulation causes denial of service. …

內容提交

名稱
PLOVER
日期
2006-07-19
版本
Draft 3

內容修訂

日期 名稱 版本 重要性 評論
2008-07-01 Eric Dalci 1.0 updated Time_of_Introduction
2008-08-15 1.0 Suggested OWASP Top Ten 2004 mapping
2008-09-08 CWE Content Team 1.0 updated Description, Relationships, Other_Notes, Taxonomy_Mappings
2008-10-14 CWE Content Team 1.0.1 updated Relationships
2008-11-24 CWE Content Team 1.1 updated Relationships, Taxonomy_Mappings
2009-01-12 CWE Content Team 1.2 updated Common_Consequences, Likelihood_of_Exploit, Other_Notes, Potential_Mitigations, Relationship_Notes, Relationships, Weakness_Ordinalities
2009-03-10 CWE Content Team 1.3 updated Potential_Mitigations
2009-05-27 CWE Content Team 1.4 updated Description, Relationships
2009-07-27 CWE Content Team 1.5 updated Demonstrative_Examples, Related_Attack_Patterns
2009-10-29 CWE Content Team 1.6 updated Other_Notes
2010-02-16 CWE Content Team 1.8 updated Potential_Mitigations, Relationships
2010-06-21 CWE Content Team 1.9 updated Detection_Factors, Potential_Mitigations
2010-12-13 CWE Content Team 1.11 updated Demonstrative_Examples
2011-03-29 CWE Content Team 1.12 updated Weakness_Ordinalities
2011-06-01 CWE Content Team 1.13 updated Common_Consequences, Relationships, Taxonomy_Mappings
2011-06-27 CWE Content Team 2.0 updated Common_Consequences
2011-09-13 CWE Content Team 2.1 updated Relationships, Taxonomy_Mappings
2012-05-11 CWE Content Team 2.2 updated Demonstrative_Examples, References, Relationships, Taxonomy_Mappings
2014-02-18 CWE Content Team 2.6 updated Demonstrative_Examples
2014-06-23 CWE Content Team 2.7 updated Related_Attack_Patterns
2014-07-30 CWE Content Team 2.8 updated Relationships, Taxonomy_Mappings
2015-12-07 CWE Content Team 2.9 updated Relationships
2017-01-19 CWE Content Team 2.10 updated Relationships
2017-05-03 CWE Content Team 2.11 updated Related_Attack_Patterns
2017-11-08 CWE Content Team 3.0 updated Applicable_Platforms, Functional_Areas, Likelihood_of_Exploit, Relationships, Taxonomy_Mappings
2019-01-03 CWE Content Team 3.2 updated Relationships, Taxonomy_Mappings, Type
2019-06-20 CWE Content Team 3.3 updated Related_Attack_Patterns, Relationships
2020-02-24 CWE Content Team 4.0 updated Relationships
2020-06-25 CWE Content Team 4.1 updated Relationships
2020-08-20 CWE Content Team 4.2 updated Relationships
2020-12-10 CWE Content Team 4.3 updated Relationships
2021-03-15 CWE Content Team 4.4 updated Demonstrative_Examples
2021-07-20 CWE Content Team 4.5 updated Related_Attack_Patterns
2022-10-13 CWE Content Team 4.9 updated Relationships
2023-01-31 CWE Content Team 4.10 updated Description, Detection_Factors
2023-04-27 CWE Content Team 4.11 updated Detection_Factors, Relationships, Time_of_Introduction
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2023-10-26 CWE Content Team 4.13 updated Observed_Examples
cvelogic Threat Intelligence