Vulnerabilities > Use After Free

DATE CVE VULNERABILITY TITLE RISK
2017-03-17 CVE-2017-6966 Use After Free vulnerability in GNU Binutils 2.28
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary.
local
low complexity
gnu CWE-416
5.5
2017-03-17 CVE-2017-0070 Use After Free vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers.
network
high complexity
microsoft CWE-416
7.5
2017-03-14 CVE-2017-3003 Use After Free vulnerability in Adobe Flash Player
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object.
network
low complexity
adobe CWE-416
8.8
2017-03-14 CVE-2017-3002 Use After Free vulnerability in Adobe Flash Player
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property.
network
low complexity
adobe CWE-416
8.8
2017-03-14 CVE-2017-3001 Use After Free vulnerability in Adobe Flash Player
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM.
network
low complexity
adobe CWE-416
8.8
2017-03-14 CVE-2016-10188 Use After Free vulnerability in Bitlbee
Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire.
network
low complexity
bitlbee CWE-416
critical
9.8
2017-03-14 CVE-2017-6874 Use After Free vulnerability in Linux Kernel
Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that causes incorrect interaction between put_ucounts and get_ucounts.
local
high complexity
linux CWE-416
7.0
2017-03-07 CVE-2016-10200 Use After Free vulnerability in multiple products
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.
local
high complexity
linux google CWE-416
7.0
2017-03-03 CVE-2017-5194 Use After Free vulnerability in multiple products
Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message.
network
low complexity
irssi debian CWE-416
7.5
2017-03-01 CVE-2017-6346 Use After Free vulnerability in Linux Kernel
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
local
high complexity
linux CWE-416
7.0