Total
4955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9926 | 1 Google | 1 Android | 2017-06-09 | 9.3 HIGH | 7.8 HIGH |
| In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||||
| CVE-2014-9930 | 1 Google | 1 Android | 2017-06-09 | 9.3 HIGH | 7.8 HIGH |
| In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||||
| CVE-2017-7295 | 1 Contiki-os | 1 Contiki | 2017-06-06 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered in Contiki Operating System 3.0. A use-after-free vulnerability exists in httpd-simple.c in cc26xx-web-demo httpd, where upon a connection close event, the http_state structure was not deallocated properly, resulting in a NULL pointer dereference in the output processing function. This resulted in a board crash, which can be used to perform denial of service. | |||||
| CVE-2017-9190 | 1 Autotrace Project | 1 Autotrace | 2017-05-28 | 5.0 MEDIUM | 7.5 HIGH |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid free), related to the free_bitmap function in bitmap.c:24:5. | |||||
| CVE-2017-7698 | 1 Swftools | 1 Swftools | 2017-05-25 | 6.8 MEDIUM | 7.8 HIGH |
| A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02. | |||||
| CVE-2017-8929 | 1 Virustotal | 1 Yara | 2017-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule. | |||||
| CVE-2017-5924 | 1 Virustotal | 1 Yara | 2017-05-02 | 5.0 MEDIUM | 7.5 HIGH |
| libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function. | |||||
| CVE-2016-10211 | 1 Virustotal | 1 Yara | 2017-05-02 | 5.0 MEDIUM | 7.5 HIGH |
| libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function. | |||||
| CVE-2016-9279 | 1 Samsung | 1 Exynos Fimg2d Driver | 2017-04-25 | 5.0 MEDIUM | 7.5 HIGH |
| Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853. | |||||
| CVE-2017-7946 | 1 Radare | 1 Radare2 | 2017-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file. | |||||
| CVE-2013-6647 | 1 Google | 1 Chrome | 2017-04-17 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free in AnimationController::endAnimationUpdate in Google Chrome. | |||||
| CVE-2016-7154 | 1 Xen | 1 Xen | 2017-04-10 | 7.2 HIGH | 6.7 MEDIUM |
| Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number. | |||||
| CVE-2017-7191 | 1 Irssi | 1 Irssi | 2017-03-31 | 7.5 HIGH | 9.8 CRITICAL |
| The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2017-5666 | 1 Mp3splt Project | 1 Mp3splt | 2017-03-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service (invalid free and crash) via a crafted file. | |||||
| CVE-2016-6082 | 1 Ibm | 1 Bigfix Platform | 2017-02-08 | 10.0 HIGH | 10.0 CRITICAL |
| IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race condition. An attacker could exploit this vulnerability to execute arbitrary code on the system. | |||||
| CVE-2016-3177 | 1 Giflib Project | 1 Giflib | 2017-01-24 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors. | |||||
| CVE-2016-9678 | 1 Citrix | 1 Provisioning Services | 2017-01-23 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2016-9584 | 1 Libical Project | 1 Libical | 2017-01-20 | 6.4 MEDIUM | 9.1 CRITICAL |
| libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file. | |||||
| CVE-2017-2951 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2017-01-18 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-2955 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2017-01-18 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution. | |||||