Total
5513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5287 | 1 Mozilla | 1 Firefox | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox < 49.0.2. | |||||
| CVE-2016-4761 | 2 Canonical, Webkitgtk | 2 Ubuntu Linux, Webkitgtk\+ | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS | |||||
| CVE-2016-1573 | 1 Ubports | 1 Unity8 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope. | |||||
| CVE-2016-10906 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean. | |||||
| CVE-2016-10905 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry. | |||||
| CVE-2016-1000006 | 1 Facebook | 1 Hhvm | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions. | |||||
| CVE-2015-1606 | 2 Debian, Gnupg | 2 Debian Linux, Gnupg | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file. | |||||
| CVE-2014-9482 | 1 Libdwarf Project | 1 Libdwarf | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file. | |||||
| CVE-2014-3622 | 1 Php | 1 Php | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value. | |||||
| CVE-2014-3471 | 1 Qemu | 1 Qemu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices. | |||||
| CVE-2014-10046 | 1 Qualcomm | 30 Mdm9615, Mdm9615 Firmware, Mdm9625 and 27 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free vulnerability when the PDN throttle info block is freed without clearing the corresponding active timer. | |||||
| CVE-2013-2830 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 allows remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2011-2353 | 1 Google | 1 Blink | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function. | |||||
| CVE-2011-2334 | 1 Google | 1 Blink | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections. | |||||
| CVE-2024-33023 | 1 Qualcomm | 314 Ar8035, Ar8035 Firmware, Csra6620 and 311 more | 2024-11-20 | N/A | 7.8 HIGH |
| Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events. | |||||
| CVE-2024-33028 | 1 Qualcomm | 276 Ar8035, Ar8035 Firmware, Csra6620 and 273 more | 2024-11-20 | N/A | 7.8 HIGH |
| Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released. | |||||
| CVE-2024-33034 | 1 Qualcomm | 210 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 207 more | 2024-11-20 | N/A | 7.8 HIGH |
| Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time. | |||||
| CVE-2024-43459 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-11-19 | N/A | 8.8 HIGH |
| SQL Server Native Client Remote Code Execution Vulnerability | |||||
| CVE-2023-4679 | 1 Gpac | 1 Gpac | 2024-11-19 | N/A | 5.5 MEDIUM |
| A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash. | |||||
| CVE-2024-43642 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2024-11-18 | N/A | 7.5 HIGH |
| Windows SMB Denial of Service Vulnerability | |||||