Vulnerabilities > Use After Free

DATE CVE VULNERABILITY TITLE RISK
2017-02-09 CVE-2017-5843 Use After Free vulnerability in Gstreamer Project Gstreamer
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.
network
low complexity
gstreamer-project CWE-416
7.5
2017-02-08 CVE-2017-0428 Use After Free vulnerability in multiple products
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
low complexity
google linux CWE-416
7.8
2017-02-07 CVE-2014-9914 Use After Free vulnerability in multiple products
Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.
local
low complexity
linux google CWE-416
7.8
2017-02-06 CVE-2016-10150 Use After Free vulnerability in Linux Kernel
Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.
network
low complexity
linux CWE-416
critical
9.8
2017-02-01 CVE-2016-6082 Use After Free vulnerability in IBM Bigfix Platform
IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race condition.
network
low complexity
ibm CWE-416
critical
10.0
2017-01-27 CVE-2016-5824 Use After Free vulnerability in multiple products
libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
local
low complexity
libical-project canonical redhat CWE-416
5.5
2017-01-27 CVE-2016-5823 Use After Free vulnerability in Libical Project Libical 0.47/1.0
The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
local
low complexity
libical-project CWE-416
5.5
2017-01-23 CVE-2016-9401 Use After Free vulnerability in multiple products
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
local
low complexity
gnu debian redhat CWE-416
5.5
2017-01-23 CVE-2016-3177 Use After Free vulnerability in Giflib Project Giflib 5.1.2
Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
network
low complexity
giflib-project CWE-416
critical
9.8
2017-01-19 CVE-2016-5219 Use After Free vulnerability in Google Chrome
A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
6.3