Skip to main content

Use After Free

6128 CVEs technique

Monthly

CVE-2024-26875 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix uaf in pvr2_context_set_notify [Syzbot reported] BUG: KASAN: slab-use-after-free in. Rated medium severity (CVSS 6.4). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free Google Linux +1
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2024-26872 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Linux Linux Kernel +1
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2024-26866 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe() fsl_lpspi_probe() is allocating/disposing memory manually with. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Denial Of Service Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26865 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-26856 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net: sparx5: Fix use after free inside sparx5_del_mact_entry Based on the static analyzis of the code it looks like when an entry. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Denial Of Service Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-26852 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another use-after-free in ip6_route_mpath_notify() [1] Commit. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Google Denial Of Service Linux +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-26838 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following issue assocated with freeing an IRQ. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-3834 HIGH This Week

Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Google Denial Of Service Memory Corruption Chrome
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2024-30378 MEDIUM This Month

A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband edge service manager daemon (bbe-smgd) to. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Juniper Denial Of Service Memory Corruption Junos
NVD
CVSS 4.0
6.9
EPSS
0.2%
CVE-2024-3861 MEDIUM This Month

If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Mozilla Memory Corruption Firefox +2
NVD
CVSS 3.1
4.0
EPSS
0.2%
CVE-2024-3857 HIGH This Week

The JIT created incorrect code for arguments in certain cases. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Mozilla Denial Of Service Memory Corruption Firefox +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-3856 HIGH This Week

A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Mozilla Memory Corruption Firefox
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-3853 HIGH This Week

A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Use After Free Information Disclosure Mozilla Memory Corruption Firefox
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-30386 HIGH This Week

A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Juniper Denial Of Service Memory Corruption Junos +1
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2024-3515 MEDIUM POC This Month

Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Google Denial Of Service Memory Corruption Chrome +1
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-29043 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Odbc Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-26241 HIGH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-26237 HIGH This Week

Windows Defender Credential Guard Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1809 +8
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-26233 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Windows Server 2016 +3
NVD
CVSS 3.1
6.6
EPSS
1.6%
CVE-2024-26231 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Windows Server 2016 +3
NVD
CVSS 3.1
6.6
EPSS
1.5%
CVE-2024-26230 HIGH This Week

Windows Telephony Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
24.3%
CVE-2024-26227 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Windows Server 2016 +3
NVD
CVSS 3.1
6.6
EPSS
1.5%
CVE-2024-26224 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Windows Server 2016 +3
NVD
CVSS 3.1
6.6
EPSS
1.6%
CVE-2024-26223 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Windows Server 2016 +3
NVD
CVSS 3.1
6.6
EPSS
1.6%
CVE-2024-26222 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Windows Server 2016 +3
NVD
CVSS 3.1
6.6
EPSS
1.8%
CVE-2024-26221 MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Windows Server 2016 +3
NVD
CVSS 3.1
6.6
EPSS
1.8%
CVE-2024-23658 MEDIUM This Month

In camera driver, there is a possible use after free due to a logic error. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-30416 HIGH This Week

Use After Free (UAF) vulnerability in the underlying driver module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-3158 HIGH This Week

Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Google Denial Of Service Memory Corruption Chrome
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-2312 MEDIUM POC This Month

GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Authentication Bypass Debian Ubuntu +2
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2024-3299 HIGH This Week

Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Buffer Overflow Memory Corruption
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-26804 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel +1
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2024-26801 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Intel Denial Of Service Linux +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26800 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-26793 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The gtp_link_ops operations structure for the subsystem must be. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Canonical Use After Free Memory Corruption Information Disclosure Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-30366 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30334 HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-30333 HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-30332 HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-30331 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-30330 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-30329 LOW Monitor

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure RCE Memory Corruption Pdf Editor +1
NVD
CVSS 3.0
3.3
EPSS
0.7%
CVE-2024-30328 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-30327 HIGH This Week

Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-30326 HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-30325 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-30324 HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-30322 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2024-26754 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() The gtp_net_ops pernet operations structure for the subsystem. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Canonical Use After Free Memory Corruption Information Disclosure Linux +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-26749 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() ... Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Denial Of Service Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-26739 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-26737 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26735 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel +9
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-26724 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers I managed to hit following use after free warning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Denial Of Service Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-26689 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), "use after free" error was caught by KASAN. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Denial Of Service Memory Corruption Linux Kernel +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-30371 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30367 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30365 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30362 HIGH This Week

Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30361 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30360 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30358 HIGH This Week

Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30354 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30352 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30351 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30346 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30345 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30344 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30343 HIGH This Week

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30342 HIGH This Week

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30339 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30338 HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30337 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30336 HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2024-30809 HIGH POC This Week

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Bento4
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-30808 LOW POC Monitor

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Bento4
NVD GitHub
CVSS 3.1
2.7
EPSS
0.6%
CVE-2024-30807 HIGH POC This Week

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Bento4
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-28951 HIGH This Week

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free RCE Denial Of Service Memory Corruption Openharmony
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-26680 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc() maps extra AQ_CFG_RXDS_DEF bytes for PTP HWTS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26656 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Buffer Overflow Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-22180 MEDIUM This Month

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Openharmony
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-22098 HIGH This Week

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free RCE Denial Of Service Memory Corruption Openharmony
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-21472 HIGH PATCH This Week

Memory corruption in Kernel while handling GPU operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Fastconnect 6900 Firmware Fastconnect 7800 Firmware +37
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21468 HIGH PATCH This Week

Memory corruption when there is failed unmap operation in GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +223
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-26654 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel +1
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2024-2886 HIGH POC This Week

Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Use After Free Google Denial Of Service Memory Corruption Chrome +1
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2024-2885 HIGH POC This Week

Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Google Denial Of Service Memory Corruption Chrome +1
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-2883 HIGH POC This Week

Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Google Denial Of Service Memory Corruption Chrome +1
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2024-21918 HIGH This Week

A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Use After Free Rockwell Memory Corruption Arena
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-30161 MEDIUM PATCH This Month

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Qt
NVD
CVSS 3.1
6.5
EPSS
0.5%
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix uaf in pvr2_context_set_notify [Syzbot reported] BUG: KASAN: slab-use-after-free in. Rated medium severity (CVSS 6.4). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe() fsl_lpspi_probe() is allocating/disposing memory manually with. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net: sparx5: Fix use after free inside sparx5_del_mact_entry Based on the static analyzis of the code it looks like when an entry. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another use-after-free in ip6_route_mpath_notify() [1] Commit. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Google +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following issue assocated with freeing an IRQ. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Google Denial Of Service +2
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband edge service manager daemon (bbe-smgd) to. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Juniper Denial Of Service +2
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Mozilla +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The JIT created incorrect code for arguments in certain cases. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Mozilla Denial Of Service +4
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Mozilla +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Use After Free Information Disclosure Mozilla +2
NVD
EPSS 0% CVSS 7.1
HIGH This Week

A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Juniper Denial Of Service +3
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Google Denial Of Service +3
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft RCE +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +11
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Defender Credential Guard Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Microsoft +10
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE +5
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE +5
NVD
EPSS 24% CVSS 7.8
HIGH This Week

Windows Telephony Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Microsoft +15
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE +5
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE +5
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE +5
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE +5
NVD
EPSS 2% CVSS 6.6
MEDIUM This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Use After Free Microsoft RCE +5
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In camera driver, there is a possible use after free due to a logic error. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Use After Free (UAF) vulnerability in the underlying driver module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Google Denial Of Service +2
NVD
EPSS 0% CVSS 6.7
MEDIUM POC This Month

GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Authentication Bypass +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Buffer Overflow +1
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Intel +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The gtp_link_ops operations structure for the subsystem must be. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Canonical Use After Free Memory Corruption +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 3.3
LOW Monitor

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure RCE +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() The gtp_net_ops pernet operations structure for the subsystem. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Canonical Use After Free Memory Corruption +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() ... Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers I managed to hit following use after free warning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), "use after free" error was caught by KASAN. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Denial Of Service +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +2
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 2.7
LOW POC Monitor

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free RCE Denial Of Service +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc() maps extra AQ_CFG_RXDS_DEF bytes for PTP HWTS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Buffer Overflow +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free RCE Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Kernel while handling GPU operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +39
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when there is failed unmap operation in GPU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +225
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure +3
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Use After Free Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Google Denial Of Service +3
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Google Denial Of Service +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Use After Free Rockwell +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +1
NVD
Prev Page 33 of 69 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy