Vulnerabilities (CVE)

CWE filter

CWE-416

Filter

973 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-8912 1 Linux 1 Linux Kernel 2019-02-21 7.5
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
CVE-2019-5772 1 Google 1 Chrome 2019-02-20 6.8
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-5764 1 Google 1 Chrome 2019-02-20 6.8
Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5761 1 Google 1 Chrome 2019-02-20 6.8
Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5760 1 Google 1 Chrome 2019-02-20 6.8
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5759 1 Google 1 Chrome 2019-02-20 6.8
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2019-5758 1 Google 1 Chrome 2019-02-20 6.8
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5756 1 Google 1 Chrome 2019-02-20 6.8
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
CVE-2018-18356 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-02-20 6.8
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-17481 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Linux Desktop and 2 more 2019-02-19 6.8
Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2018-18500 4 Mozilla, Canonical, Debian and 1 more 10 Firefox, Firefox Esr, Thunderbird and 7 more 2019-02-17 7.5
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability...
CVE-2019-8343 1 Nasm 1 Netwide Assembler 2019-02-15 6.8
In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.
CVE-2018-6268 1 Google 1 Android 2019-02-14 9.3
NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.
CVE-2019-7314 1 Live555 1 Streaming Media 2019-02-14 7.5
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have...
CVE-2018-8843 1 Rockwellautomation 1 Arena 2019-02-13 4.3
Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data..
CVE-2018-11962 1 Google 1 Android 2019-02-12 7.2
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Use-after-free issue in heap while loading audio effects config in audio effects factory.
CVE-2018-12014 1 Google 1 Android 2019-02-12 7.2
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Null pointer dereference vulnerability may occur due to missing NULL assignment in NAT module of freed pointer.
CVE-2018-13889 1 Google 1 Android 2019-02-12 7.2
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Heap memory was accessed after it was freed
CVE-2017-3145 4 Isc, Netapp, Debian and 1 more 9 Bind, Data Ontap Edge, Debian Linux and 6 more 2019-02-11 5.0
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0...
CVE-2019-7703 1 Webassembly 1 Binaryen 2019-02-11 4.3
In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a wasm file, as demonstrated by wasm-merge.