In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Use After Free
Linux
Information Disclosure
Memory Corruption
Linux Kernel
+1
NVD
GitHub
CVSS 3.1
7.8
EPSS
0.6%
read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Buffer Overflow
Memory Corruption
Fig2Dev
Fedora
Debian Linux
NVD
CVSS 3.1
5.5
EPSS
1.2%