Vulnerabilities (CVE)

CWE filter

CWE-416

Filter

18 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-9268 1 Google 1 Android 2019-10-04 2.1
In libstagefright, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation....
CVE-2019-9427 1 Google 1 Android 2019-10-01 2.1
In Bluetooth, there is a possible information disclosure due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-9347 1 Google 1 Android 2019-10-01 2.1
In the m4v_h263 codec, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-7317 3 Libpng, Canonical, Debian 3 Libpng, Ubuntu Linux, Debian Linux 2019-08-01 2.6
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2018-6171 1 Google 1 Chrome 2019-07-01 2.9
Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.
CVE-2019-12819 1 Linux 1 Linux Kernel 2019-06-18 2.1
An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.
CVE-2018-19364 5 Qemu, Canonical, Debian and 2 more 5 Qemu, Ubuntu Linux, Debian Linux and 2 more 2019-05-31 2.1
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
CVE-2019-8339 2 Falco, Sysdig 2 Falco, Sysdig 2019-05-28 2.1
An issue was discovered in Falco through 0.14.0. A missing indicator for insufficient resources allows local users to bypass the detection engine.
CVE-2014-0131 3 Linux, Opensuse, Suse 3 Linux Kernel, Evergreen, Linux Enterprise Server 2019-05-13 2.9
Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.
CVE-2014-2568 2 Linux, Canonical 2 Linux Kernel, Ubuntu Linux 2019-05-10 2.9
Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain...
CVE-2016-9401 1 Gnu 1 Bash 2019-03-25 2.1
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
CVE-2019-9706 2019-03-21 2.1
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (use-after-free and daemon crash) because of a force_rescan_user error.
CVE-2018-18091 1 Intel 1 Graphics Driver 2019-03-15 2.1
Use after free in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may...
CVE-2016-6833 1 Qemu 1 Qemu 2018-09-07 2.1
Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging failure to check if the...
CVE-2017-2584 1 Linux 1 Linux Kernel 2018-08-24 3.6
arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for...
CVE-2014-3471 1 Qemu 1 Qemu 2018-01-31 2.1
Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices.
CVE-2017-9676 1 Google 1 Android 2017-09-26 2.6
In all Qualcomm products with Android releases from CAF using the Linux kernel, potential use after free scenarios and race conditions can occur when accessing global static variables without using a lock.
CVE-2016-9923 1 Qemu 1 Qemu 2017-07-01 2.1
Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the...