Vulnerabilities > Use After Free

DATE CVE VULNERABILITY TITLE RISK
2016-12-15 CVE-2016-7880 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object.
network
low complexity
adobe CWE-416
8.8
2016-12-15 CVE-2016-7879 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object.
network
low complexity
adobe CWE-416
8.8
2016-12-15 CVE-2016-7878 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class.
network
low complexity
adobe CWE-416
8.8
2016-12-15 CVE-2016-7877 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0).
network
low complexity
adobe CWE-416
8.8
2016-12-15 CVE-2016-7872 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels.
network
low complexity
adobe CWE-416
8.8
2016-12-10 CVE-2016-6833 Use After Free vulnerability in multiple products
Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging failure to check if the device is active.
local
low complexity
qemu debian CWE-416
4.4
2016-12-08 CVE-2016-9120 Use After Free vulnerability in Linux Kernel
Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.
local
low complexity
linux CWE-416
7.8
2016-12-08 CVE-2016-8655 Use After Free vulnerability in multiple products
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.
local
low complexity
linux canonical CWE-416
7.8
2016-12-03 CVE-2016-9798 Use After Free vulnerability in Bluez 5.42
In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file.
network
low complexity
bluez CWE-416
5.3
2016-11-29 CVE-2016-1251 Use After Free vulnerability in Dbd-Mysql Project Dbd-Mysql
There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.
network
high complexity
dbd-mysql-project CWE-416
8.1