Total
4060 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-18066 | 1 Google | 1 Android | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper controls in MSM CORE leads to use memory after it is freed in msm_core_ioctl(). | |||||
CVE-2018-8964 | 1 Libming | 1 Libming | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In libming 0.4.8, the decompileDELETE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | |||||
CVE-2018-11258 | 1 Qualcomm | 42 Mdm9206, Mdm9206 Firmware, Mdm9607 and 39 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20. | |||||
CVE-2017-18144 | 1 Qualcomm | 28 Msm8909w, Msm8909w Firmware, Sd 205 and 25 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing the retransmission of WPA supplicant command send failures, there is a make after break of the connection to WPA supplicant where the local pointer is not properly updated. If the WPA supplicant command transmission fails, a Use After Free condition will occur. | |||||
CVE-2018-6641 | 1 Wiris | 1 Mathtype | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An Arbitrary Free (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can overwrite a structure, leading to a function call with an invalid parameter, and a subsequent free of important data such as a function pointer or list pointer. This is fixed in 6.9d. | |||||
CVE-2017-5129 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
CVE-2018-9956 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the title attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5617. | |||||
CVE-2018-12292 | 1 Palemoon | 1 Pale Moon | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject in Pale Moon before 27.9.3. | |||||
CVE-2018-3564 | 1 Google | 1 Android | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails. | |||||
CVE-2017-18234 | 3 Canonical, Debian, Exempi Project | 3 Ubuntu Linux, Debian Linux, Exempi | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp. | |||||
CVE-2018-5100 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A use-after-free vulnerability can occur when arguments passed to the "IsPotentiallyScrollable" function are freed while still in use by scripts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58. | |||||
CVE-2018-0491 | 1 Torproject | 1 Tor | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list. | |||||
CVE-2018-9945 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getField method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5382. | |||||
CVE-2018-5160 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox < 60. | |||||
CVE-2017-7806 | 1 Mozilla | 1 Firefox | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 55. | |||||
CVE-2018-1000051 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF. | |||||
CVE-2018-5098 | 4 Canonical, Debian, Mozilla and 1 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. | |||||
CVE-2018-4911 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript API related to bookmark functionality. The vulnerability is triggered by crafted JavaScript code embedded within a PDF file. A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack. | |||||
CVE-2018-8806 | 1 Libming | 1 Libming | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. Remote attackers could use this vulnerability to cause a denial-of-service via a crafted swf file. | |||||
CVE-2017-7800 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. |