Vulnerabilities (CVE)

Filtered by CWE-416
Total 6480 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11075 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if cmd_pkt and reg_pkt are called from different userspace threads, a use after free condition can potentially occur in wdsp_glink_write().
CVE-2017-11011 1 Qualcomm 22 Mdm9206, Mdm9206 Firmware, Mdm9607 and 19 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After Free condition can occur in a communication API.
CVE-2017-1000421 2 Debian, Lcdf 2 Debian Linux, Gifsicle 2024-11-21 7.5 HIGH 9.8 CRITICAL
Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution
CVE-2017-0869 1 Google 1 Android 2024-11-21 7.2 HIGH 7.8 HIGH
NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process. This issue is rated as high. Version: N/A. Android ID: A-37776156. References: N-CVE-2017-0869.
CVE-2016-9896 1 Mozilla 1 Firefox 2024-11-21 6.8 MEDIUM 8.1 HIGH
Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox < 50.1.
CVE-2016-9591 3 Debian, Jasper Project, Redhat 6 Debian Linux, Jasper, Enterprise Linux Desktop and 3 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
CVE-2016-9069 1 Mozilla 1 Firefox 2024-11-21 6.8 MEDIUM 7.8 HIGH
A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.
CVE-2016-9068 1 Mozilla 1 Firefox 2024-11-21 5.0 MEDIUM 7.5 HIGH
A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.
CVE-2016-9067 1 Mozilla 1 Firefox 2024-11-21 5.0 MEDIUM 6.5 MEDIUM
Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.
CVE-2016-8623 1 Haxx 1 Curl 2024-11-21 5.0 MEDIUM 3.3 LOW
A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure.
CVE-2016-8619 1 Haxx 1 Curl 2024-11-21 7.5 HIGH 5.3 MEDIUM
The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free.
CVE-2016-8618 1 Haxx 1 Curl 2024-11-21 7.5 HIGH 5.3 MEDIUM
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.
CVE-2016-6168 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2024-11-21 6.8 MEDIUM 7.8 HIGH
Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a crafted PDF file.
CVE-2016-5287 1 Mozilla 1 Firefox 2024-11-21 7.5 HIGH 9.8 CRITICAL
A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox < 49.0.2.
CVE-2016-4761 2 Canonical, Webkitgtk 2 Ubuntu Linux, Webkitgtk\+ 2024-11-21 6.8 MEDIUM 8.8 HIGH
WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS
CVE-2016-1573 1 Ubports 1 Unity8 2024-11-21 4.6 MEDIUM 7.8 HIGH
Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.
CVE-2016-10906 1 Linux 1 Linux Kernel 2024-11-21 4.4 MEDIUM 7.0 HIGH
An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.
CVE-2016-10905 1 Linux 1 Linux Kernel 2024-11-21 6.1 MEDIUM 7.8 HIGH
An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry.
CVE-2016-1000006 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
CVE-2015-1606 2 Debian, Gnupg 2 Debian Linux, Gnupg 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.