Vulnerabilities > Use After Free
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-15 | CVE-2024-4949 | Use After Free vulnerability in multiple products Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2024-05-14 | CVE-2024-22267 | Use After Free vulnerability in VMWare Fusion and Workstation VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | 8.2 |
| 2024-05-14 | CVE-2024-4671 | Use After Free vulnerability in multiple products Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2024-05-14 | CVE-2024-27395 | Use After Free vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe. | 7.8 |
| 2024-05-14 | CVE-2024-27396 | Use After Free vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe. | 7.8 |
| 2024-05-07 | CVE-2024-4558 | Use After Free vulnerability in multiple products Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 9.6 |
| 2024-05-07 | CVE-2024-27217 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | 7.8 |
| 2024-05-07 | CVE-2024-3759 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free. | 7.8 |
| 2024-05-07 | CVE-2024-20861 | Use After Free vulnerability in Samsung Android 12.0/13.0 Use after free vulnerability in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to cause memory corruption. | 6.7 |
| 2024-05-06 | CVE-2023-43521 | Use After Free vulnerability in Qualcomm products Memory corruption when multiple listeners are being registered with the same file descriptor. | 7.8 |