Vulnerabilities > Use After Free

DATE CVE VULNERABILITY TITLE RISK
2018-05-02 CVE-2018-10685 Use After Free vulnerability in Long Range ZIP Project Long Range ZIP 0.631
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
network
low complexity
long-range-zip-project CWE-416
critical
9.8
2018-05-02 CVE-2018-10675 Use After Free vulnerability in multiple products
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
local
low complexity
linux redhat canonical CWE-416
7.8
2018-04-26 CVE-2018-3844 Use After Free vulnerability in Hyland Perceptive Document Filters 11.4.0.2647
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted DOCX document can lead to a use-after-free resulting in direct code execution.
network
low complexity
hyland CWE-416
8.8
2018-04-23 CVE-2018-10303 Use After Free vulnerability in Foxitsoftware Phantompdf
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-y0nqfutlf3.
network
low complexity
foxitsoftware CWE-416
8.8
2018-04-23 CVE-2018-10302 Use After Free vulnerability in Foxitsoftware Phantompdf
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-jyb51g3mv9.
local
low complexity
foxitsoftware CWE-416
7.8
2018-04-23 CVE-2018-3850 Use After Free vulnerability in Foxit PDF Reader 9.0.1.1049
An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049.
network
low complexity
foxit CWE-416
8.8
2018-04-23 CVE-2017-14458 Use After Free vulnerability in Foxit PDF Reader 8.3.2.25013
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 8.3.2.25013.
network
low complexity
foxit CWE-416
8.8
2018-04-18 CVE-2018-10199 Use After Free vulnerability in Mruby
In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy().
network
low complexity
mruby CWE-416
critical
9.8
2018-04-18 CVE-2014-10046 Use After Free vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free vulnerability when the PDN throttle info block is freed without clearing the corresponding active timer.
network
low complexity
qualcomm CWE-416
critical
9.8
2018-04-16 CVE-2018-10119 Use After Free vulnerability in multiple products
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.
local
low complexity
libreoffice debian redhat canonical CWE-416
7.8