Vulnerabilities > Use After Free

DATE CVE VULNERABILITY TITLE RISK
2020-01-14 CVE-2020-7053 Use After Free vulnerability in Linux Kernel
In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c.
local
low complexity
linux CWE-416
7.8
2020-01-11 CVE-2020-6840 Use After Free vulnerability in Mruby 2.1.0
In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.
network
low complexity
mruby CWE-416
7.5
2020-01-11 CVE-2020-6838 Use After Free vulnerability in Mruby 2.1.0
In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c.
network
low complexity
mruby CWE-416
7.5
2020-01-10 CVE-2020-6377 Use After Free vulnerability in multiple products
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2020-01-10 CVE-2019-13767 Use After Free vulnerability in multiple products
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-416
8.8
2020-01-08 CVE-2019-17008 Use After Free vulnerability in Mozilla Firefox and Firefox ESR
When using nested workers, a use-after-free could occur during worker destruction.
6.8
2020-01-08 CVE-2019-11757 Use After Free vulnerability in multiple products
When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it.
network
low complexity
mozilla canonical CWE-416
8.8
2020-01-08 CVE-2019-11756 Use After Free vulnerability in Mozilla Firefox
Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service).
network
mozilla CWE-416
6.8
2020-01-08 CVE-2020-0002 Use After Free vulnerability in Google Android
In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free.
network
google CWE-416
critical
9.3
2020-01-03 CVE-2019-13766 Use After Free vulnerability in Google Chrome
Use-after-free in accessibility in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
6.5