Vulnerabilities > Use After Free

DATE CVE VULNERABILITY TITLE RISK
2018-07-06 CVE-2018-3564 Use After Free vulnerability in Google Android
In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.
local
low complexity
google CWE-416
7.8
2018-07-06 CVE-2018-11258 Use After Free vulnerability in Qualcomm products
In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20.
local
low complexity
qualcomm CWE-416
7.8
2018-06-28 CVE-2018-12929 Use After Free vulnerability in multiple products
ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.
local
low complexity
linux canonical CWE-416
5.5
2018-06-26 CVE-2018-12882 Use After Free vulnerability in multiple products
exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing.
network
low complexity
php canonical netapp CWE-416
critical
9.8
2018-06-19 CVE-2018-12294 Use After Free vulnerability in Webkit Webkitgtk+
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.
network
low complexity
webkit CWE-416
8.8
2018-06-15 CVE-2018-5857 Use After Free vulnerability in Google Android
In the WCD CPE codec, a Use After Free condition can occur in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
local
low complexity
google CWE-416
7.8
2018-06-13 CVE-2018-12320 Use After Free vulnerability in Radare Radare2 2.6.0
There is a use after free in radare2 2.6.0 in r_anal_bb_free() in libr/anal/bb.c via a crafted Java binary file.
local
low complexity
radare CWE-416
7.8
2018-06-13 CVE-2018-12292 Use After Free vulnerability in Palemoon Pale Moon
A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject in Pale Moon before 27.9.3.
network
low complexity
palemoon CWE-416
critical
9.8
2018-06-12 CVE-2018-5849 Use After Free vulnerability in Google Android
Due to a race condition in the QTEECOM driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, when more than one HLOS client loads the same TA, a Use After Free condition can occur.
local
high complexity
google CWE-416
7.0
2018-06-12 CVE-2018-5847 Use After Free vulnerability in Google Android
Early or late retirement of rotation requests can result in a Use After Free condition in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
local
low complexity
google CWE-416
7.8