Vulnerabilities (CVE)

Filtered by CWE-416
Total 3970 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-8807 1 Libming 1 Libming 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
In libming 0.4.8, these is a use-after-free in the function decompileCALLFUNCTION of decompile.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.
CVE-2018-11496 2 Debian, Long Range Zip Project 2 Debian Linux, Long Range Zip 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation.
CVE-2018-8963 1 Libming 1 Libming 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.
CVE-2018-9957 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2023-12-10 6.8 MEDIUM 8.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When parsing arguments passed to the resetData method, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5618.
CVE-2018-1000039 1 Artifex 1 Mupdf 2023-12-10 6.8 MEDIUM 7.8 HIGH
In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
CVE-2018-9959 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2023-12-10 6.8 MEDIUM 8.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the pageNum document attribute. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5432.
CVE-2018-3571 1 Google 1 Android 2023-12-10 4.6 MEDIUM 7.8 HIGH
In the KGSL driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a Use After Free condition can occur when printing information about sparse memory allocations
CVE-2017-5126 2 Debian, Google 2 Debian Linux, Chrome 2023-12-10 6.8 MEDIUM 8.8 HIGH
A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2017-7751 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2018-5859 1 Google 1 Android 2023-12-10 4.4 MEDIUM 7.0 HIGH
Due to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a Use After Free condition can occur.
CVE-2016-9067 1 Mozilla 1 Firefox 2023-12-10 5.0 MEDIUM 6.5 MEDIUM
Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.
CVE-2018-10119 4 Canonical, Debian, Libreoffice and 1 more 6 Ubuntu Linux, Debian Linux, Libreoffice and 3 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.
CVE-2018-1000030 2 Canonical, Python 2 Ubuntu Linux, Python 2023-12-10 3.3 LOW 3.6 LOW
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3->Malloc->Thread1->Free's->Thread2-Re-uses-Free'd Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE.
CVE-2017-18218 1 Linux 1 Linux Kernel 2023-12-10 7.2 HIGH 7.8 HIGH
In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in skb handling between hns_nic_net_xmit_hw and hns_nic_net_xmit.
CVE-2016-5287 1 Mozilla 1 Firefox 2023-12-10 7.5 HIGH 9.8 CRITICAL
A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox < 49.0.2.
CVE-2018-4980 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2023-12-10 6.8 MEDIUM 8.8 HIGH
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2017-13257 1 Google 1 Android 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
In bta_pan_data_buf_ind_cback of bta_pan_act.cc there is a use after free that can result in an out of bounds read of memory allocated via malloc. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110692.
CVE-2018-10302 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2023-12-10 6.8 MEDIUM 7.8 HIGH
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-jyb51g3mv9.
CVE-2018-0946 1 Microsoft 2 Chakracore, Edge 2023-12-10 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
CVE-2017-5402 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.