Vulnerabilities > Use After Free
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-26 | CVE-2018-11496 | Use After Free vulnerability in multiple products In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation. | 6.5 |
| 2018-05-24 | CVE-2018-11412 | Use After Free vulnerability in multiple products In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. | 5.9 |
| 2018-05-24 | CVE-2018-1000039 | Use After Free vulnerability in Artifex Mupdf In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file. | 7.8 |
| 2018-05-24 | CVE-2018-11410 | Use After Free vulnerability in multiple products An issue was discovered in Liblouis 3.5.0. | 9.8 |
| 2018-05-22 | CVE-2018-11358 | Use After Free vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. | 7.5 |
| 2018-05-19 | CVE-2018-4932 | Use After Free vulnerability in Adobe Flash Player Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. | 8.8 |
| 2018-05-19 | CVE-2018-4919 | Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. | 8.8 |
| 2018-05-18 | CVE-2017-18272 | Use After Free vulnerability in Imagemagick In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call. | 6.5 |
| 2018-05-17 | CVE-2018-11130 | Use After Free vulnerability in Vcftools Project Vcftools 0.1.15 The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file. | 7.8 |
| 2018-05-17 | CVE-2018-11129 | Use After Free vulnerability in Vcftools Project Vcftools 0.1.15 The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file. | 7.8 |