Vulnerabilities > Use After Free
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-06 | CVE-2018-5845 | Use After Free vulnerability in Google Android A race condition in drm_atomic_nonblocking_commit() in the display driver can potentially lead to a Use After Free scenario in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.0 |
| 2018-06-04 | CVE-2018-3853 | Use After Free vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. | 8.8 |
| 2018-05-31 | CVE-2018-11624 | Use After Free vulnerability in Imagemagick 7.0.736 In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file. | 8.8 |
| 2018-05-28 | CVE-2018-11516 | Use After Free vulnerability in Videolan VLC Media Player 3.0.0/3.0.1 The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file. | 8.8 |
| 2018-05-26 | CVE-2018-11499 | Use After Free vulnerability in Sass-Lang Libsass A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact. | 9.8 |
| 2018-05-26 | CVE-2018-11496 | Use After Free vulnerability in multiple products In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation. | 6.5 |
| 2018-05-24 | CVE-2018-11412 | Use After Free vulnerability in multiple products In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. | 5.9 |
| 2018-05-24 | CVE-2018-1000039 | Use After Free vulnerability in Artifex Mupdf In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file. | 7.8 |
| 2018-05-24 | CVE-2018-11410 | Use After Free vulnerability in multiple products An issue was discovered in Liblouis 3.5.0. | 9.8 |
| 2018-05-22 | CVE-2018-11358 | Use After Free vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. | 7.5 |