Vulnerabilities > Use After Free
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-11 | CVE-2018-18336 | Use After Free vulnerability in multiple products Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
| 2018-12-11 | CVE-2018-17481 | Use After Free vulnerability in multiple products Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
| 2018-12-10 | CVE-2018-20005 | Use After Free vulnerability in multiple products An issue has been found in Mini-XML (aka mxml) 2.12. | 5.5 |
| 2018-12-07 | CVE-2018-9517 | Use After Free vulnerability in Google Android In pppol2tp_connect, there is possible memory corruption due to a use after free. | 6.7 |
| 2018-12-05 | CVE-2018-19876 | Use After Free vulnerability in Cairographics Cairo 1.16.0 cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid pointer" error. | 6.5 |
| 2018-12-04 | CVE-2018-18989 | Use After Free vulnerability in Omron Cx-One, Cx-Programmer and Cx-Server In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. | 7.8 |
| 2018-12-04 | CVE-2018-6087 | Use After Free vulnerability in multiple products A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
| 2018-12-04 | CVE-2018-6086 | Use After Free vulnerability in multiple products A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2018-12-04 | CVE-2018-6085 | Use After Free vulnerability in multiple products Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2018-12-03 | CVE-2018-19827 | Use After Free vulnerability in Sass-Lang Libsass 3.5.5 In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact. | 8.8 |