Total
6576 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5805 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
|
|||||
| CVE-2019-5789 | 2 Google, Opensuse | 3 Chrome, Backports, Leap | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
|
|||||
| CVE-2019-5788 | 2 Google, Opensuse | 3 Chrome, Backports, Leap | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
|
|||||
| CVE-2019-5787 | 2 Google, Opensuse | 3 Chrome, Backports, Leap | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2019-5772 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
|
|||||
| CVE-2019-5764 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2019-5760 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2019-5759 | 5 Apple, Debian, Fedoraproject and 2 more | 8 Macos, Debian Linux, Fedora and 5 more | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2019-5756 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
|
|||||
| CVE-2019-5721 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.
|
|||||
| CVE-2019-5606 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r349806, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, code which handles close of a descriptor created by posix_openpt fails to undo a signal configuration. This causes an incorrect signal to be raised leading to a write after free of kernel memory allowing a malicious user to gain root privileges or escape a jail.
|
|||||
| CVE-2019-5527 | 2 Apple, Vmware | 6 Mac Os X, Esxi, Fusion and 3 more | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
|
ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5.
|
|||||
| CVE-2019-5525 | 2 Linux, Vmware | 2 Linux Kernel, Workstation | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
|
VMware Workstation (15.x before 15.1.0) contains a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) backend. A malicious user with normal user privileges on the guest machine may exploit this issue in conjunction with other issues to execute code on the Linux host where Workstation is installed.
|
|||||
| CVE-2019-5214 | 1 Huawei | 2 Mate 10, Mate 10 Firmware | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
|
There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause a denial of service condition.
|
|||||
| CVE-2019-5145 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
|
|||||
| CVE-2019-5131 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
|
|||||
| CVE-2019-5130 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
|
|||||
| CVE-2019-5126 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
|
|||||
| CVE-2019-5096 | 1 Embedthis | 1 Goahead | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of this request that can be used to corrupt heap structures that could lead to full code execution. The request can be unauthenticated in the form of GET or POST requests, and does not require the requested resource t ...
Show More |
|||||
| CVE-2019-5067 | 1 Aspose | 1 Aspose.pdf For C\+\+ | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a specifically crafted PDF document needs to be processed by the target application.
|
|||||
| CVE-2019-5066 | 1 Aspose | 1 Aspose.pdf For C\+\+ | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically crafted PDF document needs to be processed by the target application.
|
|||||
| CVE-2019-5053 | 1 Gonitro | 1 Nitropdf | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a use-after-free condition. An attacker can craft a malicious PDF to trigger this vulnerability.
|
|||||
| CVE-2019-5047 | 1 Gonitro | 1 Nitropdf | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An exploitable Use After Free vulnerability exists in the CharProcs parsing functionality of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a Use After Free. An attacker can craft a malicious PDF to trigger this vulnerability.
|
|||||
| CVE-2019-5042 | 1 Aspose | 1 Aspose.pdf For C\+\+ | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability.
|
|||||
| CVE-2019-5018 | 2 Canonical, Sqlite | 2 Ubuntu Linux, Sqlite | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.
|
|||||
| CVE-2019-3994 | 2 Elog Project, Fedoraproject | 2 Elog, Fedora | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to use a freed variable.
|
|||||
| CVE-2019-3896 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
|
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
|
|||||
| CVE-2019-3885 | 3 Canonical, Clusterlabs, Fedoraproject | 3 Ubuntu Linux, Pacemaker, Fedora | 2024-11-21 | 5.0 MEDIUM | 3.3 LOW |
|
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.
|
|||||
| CVE-2019-3829 | 2 Fedoraproject, Gnu | 2 Fedora, Gnutls | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.
|
|||||
| CVE-2019-3817 | 1 Rpm | 1 Libcomps | 2024-11-21 | 6.8 MEDIUM | 7.5 HIGH |
|
A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code.
|
|||||
| CVE-2019-2393 | 1 Mongodb | 1 Mongodb | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior to 3.6.15.
|
|||||
| CVE-2019-2336 | 1 Qualcomm | 14 Mdm9205, Mdm9205 Firmware, Qcs404 and 11 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
Subsequent use of the CBO listener may result in further memory corruption due to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, SDX55, SM6150, SM7150, SM8150, SXR2130
|
|||||
| CVE-2019-2329 | 1 Qualcomm | 26 Mdm9205, Mdm9205 Firmware, Qcs404 and 23 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130
|
|||||
| CVE-2019-2316 | 1 Qualcomm | 42 Mdm9640, Mdm9640 Firmware, Qcs405 and 39 more | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
|
When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM660, SDX24
|
|||||
| CVE-2019-2314 | 1 Qualcomm | 48 Msm8909w, Msm8909w Firmware, Qcs405 and 45 more | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX20, SDX24
|
|||||
| CVE-2019-2298 | 1 Qualcomm | 58 Mdm9150, Mdm9150 Firmware, Mdm9206 and 55 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDM660, SDX20, SDX24
|
|||||
| CVE-2019-2293 | 1 Qualcomm | 42 Msm8909w, Msm8909w Firmware, Qcs405 and 39 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Pointer dereference while freeing IFE resources due to lack of length check of in port resource. in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24
|
|||||
| CVE-2019-2290 | 1 Qualcomm | 56 Mdm9206, Mdm9206 Firmware, Mdm9607 and 53 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Multiple open and close from multiple threads will lead camera driver to access destroyed session data pointer in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016
|
|||||
| CVE-2019-2284 | 1 Qualcomm | 42 Msm8909w, Msm8909w Firmware, Qcs405 and 39 more | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24
|
|||||
| CVE-2019-2264 | 1 Qualcomm | 52 Mdm9607, Mdm9607 Firmware, Mdm9640 and 49 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Null pointer dereference occurs for channel context while opening glink channel in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MDM9640, MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SDM439, SDM630, SDM660, SDX24
|
|||||