Search
Total
3203 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15410 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-10-30 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2017-15411 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-10-30 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2014-1563 | 3 Mozilla, Opensuse, Oracle | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2018-10-30 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection. | |||||
| CVE-2016-5156 | 2 Google, Opensuse | 2 Chrome, Leap | 2018-10-30 | 6.8 MEDIUM | 8.8 HIGH |
| extensions/renderer/event_bindings.cc in the event bindings in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux attempts to process filtered events after failure to add an event matcher, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2016-5280 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-10-30 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text. | |||||
| CVE-2016-5281 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-10-30 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document. | |||||
| CVE-2016-7644 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2018-10-30 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. | |||||
| CVE-2016-5151 | 2 Google, Opensuse | 2 Chrome, Leap | 2018-10-30 | 6.8 MEDIUM | 8.8 HIGH |
| PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/javascript/JS_Object.cpp and fpdfsdk/javascript/app.cpp. | |||||
| CVE-2016-5150 | 2 Google, Opensuse | 2 Chrome, Leap | 2018-10-30 | 6.8 MEDIUM | 8.8 HIGH |
| WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API implementation that does not properly restrict key-path evaluation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code that leverages certain side effects. | |||||
| CVE-2012-5133 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2018-10-30 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters. | |||||
| CVE-2016-7621 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2018-10-30 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via unspecified vectors. | |||||
| CVE-2016-7591 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2018-10-30 | 9.3 HIGH | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. | |||||
| CVE-2012-5145 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2018-10-30 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout. | |||||
| CVE-2012-5137 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2018-10-30 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API. | |||||
| CVE-2016-6265 | 2 Artifex, Opensuse | 3 Mupdf, Leap, Opensuse | 2018-10-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file. | |||||
| CVE-2012-5139 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2018-10-30 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events. | |||||
| CVE-2012-5140 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2018-10-30 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader. | |||||
| CVE-2016-5177 | 5 Debian, Fedoraproject, Google and 2 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2018-10-30 | 6.8 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2017-15412 | 4 Debian, Google, Redhat and 1 more | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2018-10-25 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2017-14746 | 4 Canonical, Debian, Redhat and 1 more | 6 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 3 more | 2018-10-21 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request. | |||||
| CVE-2017-6420 | 1 Clamav | 1 Clamav | 2018-10-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression. | |||||
| CVE-2018-12294 | 1 Webkit | 1 Webkitgtk\+ | 2018-10-21 | 6.8 MEDIUM | 8.8 HIGH |
| WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object. | |||||
| CVE-2018-14424 | 1 Gnome | 1 Gnome Display Manager | 2018-10-18 | 4.6 MEDIUM | 7.8 HIGH |
| The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution. | |||||
| CVE-2017-11403 | 1 Graphicsmagick | 1 Graphicsmagick | 2018-10-18 | 6.8 MEDIUM | 8.8 HIGH |
| The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. | |||||
| CVE-2017-18220 | 1 Graphicsmagick | 1 Graphicsmagick | 2018-10-18 | 6.8 MEDIUM | 8.8 HIGH |
| The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403. | |||||
| CVE-2017-7805 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2018-10-17 | 5.0 MEDIUM | 7.5 HIGH |
| During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4. | |||||
| CVE-2016-7892 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7880 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7881 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7877 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7872 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7879 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7878 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2014-1776 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks." | |||||
| CVE-2014-0307 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a certain sequence of manipulations of a TextRange element, aka "Internet Explorer Memory Corruption Vulnerability." | |||||
| CVE-2014-0322 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014. | |||||
| CVE-2013-1309 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-2551. | |||||
| CVE-2013-1306 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1313. | |||||
| CVE-2013-1307 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-0811. | |||||
| CVE-2013-1308 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1309 and CVE-2013-2551. | |||||
| CVE-2013-1310 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability." | |||||
| CVE-2013-1311 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability." | |||||
| CVE-2013-1312 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability." | |||||
| CVE-2013-2551 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309. | |||||
| CVE-2013-0811 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1307. | |||||
| CVE-2017-15271 | 1 Psftp | 1 Psftpd | 2018-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentication. The PSFTPd server did not automatically restart, which enabled attackers to perform a very effective DoS attack against this service. By sending a crafted SSH identification / version string to the server, a NULL pointer dereference could be caused, apparently because of a race condition in the window message handling, performing the cleanup for invalid connections. This incorrect cleanup code has a use-after-free. | |||||
| CVE-2017-7185 | 1 Cesanta | 2 Mongoose Embedded Web Server Library, Mongoose Os | 2018-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a multipart/form-data POST request without a MIME boundary string. | |||||
| CVE-2018-3924 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2018-10-05 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-3939 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2018-10-05 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-7993 | 1 Huawei | 2 Mate 10, Mate 10 Firmware | 2018-10-04 | 9.3 HIGH | 7.8 HIGH |
| HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code. | |||||