Total
3445 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9926 | 1 Google | 1 Android | 2017-06-09 | 9.3 HIGH | 7.8 HIGH |
| In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||||
| CVE-2014-9930 | 1 Google | 1 Android | 2017-06-09 | 9.3 HIGH | 7.8 HIGH |
| In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||||
| CVE-2017-7295 | 1 Contiki-os | 1 Contiki | 2017-06-06 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered in Contiki Operating System 3.0. A use-after-free vulnerability exists in httpd-simple.c in cc26xx-web-demo httpd, where upon a connection close event, the http_state structure was not deallocated properly, resulting in a NULL pointer dereference in the output processing function. This resulted in a board crash, which can be used to perform denial of service. | |||||
| CVE-2017-9190 | 1 Autotrace Project | 1 Autotrace | 2017-05-28 | 5.0 MEDIUM | 7.5 HIGH |
| libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid free), related to the free_bitmap function in bitmap.c:24:5. | |||||
| CVE-2017-7698 | 1 Swftools | 1 Swftools | 2017-05-24 | 6.8 MEDIUM | 7.8 HIGH |
| A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02. | |||||
| CVE-2017-8929 | 1 Virustotal | 1 Yara | 2017-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule. | |||||
| CVE-2017-5924 | 1 Virustotal | 1 Yara | 2017-05-01 | 5.0 MEDIUM | 7.5 HIGH |
| libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function. | |||||
| CVE-2016-10211 | 1 Virustotal | 1 Yara | 2017-05-01 | 5.0 MEDIUM | 7.5 HIGH |
| libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function. | |||||
| CVE-2016-9279 | 1 Samsung | 1 Exynos Fimg2d Driver | 2017-04-24 | 5.0 MEDIUM | 7.5 HIGH |
| Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853. | |||||
| CVE-2017-7946 | 1 Radare | 1 Radare2 | 2017-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file. | |||||
| CVE-2013-6647 | 1 Google | 1 Chrome | 2017-04-17 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free in AnimationController::endAnimationUpdate in Google Chrome. | |||||
| CVE-2016-10217 | 1 Artifex | 1 Ghostscript | 2017-04-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module. | |||||
| CVE-2016-7154 | 1 Xen | 1 Xen | 2017-04-09 | 7.2 HIGH | 6.7 MEDIUM |
| Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number. | |||||
| CVE-2017-7191 | 1 Irssi | 1 Irssi | 2017-03-31 | 7.5 HIGH | 9.8 CRITICAL |
| The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2017-7264 | 1 Artifex | 1 Mupdf | 2017-03-28 | 6.8 MEDIUM | 7.8 HIGH |
| Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-6874 | 1 Linux | 1 Linux Kernel | 2017-03-15 | 6.9 MEDIUM | 7.0 HIGH |
| Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that causes incorrect interaction between put_ucounts and get_ucounts. | |||||
| CVE-2017-5666 | 1 Mp3splt Project | 1 Mp3splt | 2017-03-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service (invalid free and crash) via a crafted file. | |||||
| CVE-2017-5357 | 2 Fedoraproject, Gnu | 2 Fedora, Ed | 2017-02-17 | 5.0 MEDIUM | 7.5 HIGH |
| regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. | |||||
| CVE-2016-6082 | 1 Ibm | 1 Bigfix Platform | 2017-02-08 | 10.0 HIGH | 10.0 CRITICAL |
| IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race condition. An attacker could exploit this vulnerability to execute arbitrary code on the system. | |||||
| CVE-2016-3177 | 1 Giflib Project | 1 Giflib | 2017-01-24 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors. | |||||