Export limit exceeded: 336805 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (7030 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0059 | 2 Redhat, Zlib | 3 Linux, Powertools, Zlib | 2025-04-03 | 9.8 Critical |
| The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data. | ||||
| CVE-2006-4434 | 1 Sendmail | 1 Sendmail | 2025-04-03 | 7.5 High |
| Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected." | ||||
| CVE-2024-25199 | 2 Opennav, Openrobotics | 2 Nav2, Robot Operating System | 2025-04-02 | 8.1 High |
| Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free. | ||||
| CVE-2024-25198 | 2 Opennav, Openrobotics | 2 Nav2, Robot Operating System | 2025-04-02 | 9.1 Critical |
| Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free. | ||||
| CVE-2023-0414 | 1 Wireshark | 1 Wireshark | 2025-04-02 | 6.3 Medium |
| Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2023-20928 | 1 Google | 1 Android | 2025-04-02 | 7.8 High |
| In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254837884References: Upstream kernel | ||||
| CVE-2023-20925 | 1 Google | 1 Android | 2025-04-02 | 7.8 High |
| In setUclampMinLocked of PowerSessionManager.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-236674672References: N/A | ||||
| CVE-2023-20920 | 1 Google | 1 Android | 2025-04-02 | 7.8 High |
| In queue of UsbRequest.java, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-204584366 | ||||
| CVE-2025-2476 | 1 Google | 1 Chrome | 2025-04-01 | 8.8 High |
| Use after free in Lens in Google Chrome prior to 134.0.6998.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2024-4771 | 1 Mozilla | 1 Firefox | 2025-04-01 | 8.6 High |
| A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126. | ||||
| CVE-2024-4770 | 2 Mozilla, Redhat | 7 Firefox, Thunderbird, Enterprise Linux and 4 more | 2025-04-01 | 8.8 High |
| When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | ||||
| CVE-2024-4764 | 1 Mozilla | 1 Firefox | 2025-04-01 | 9.8 Critical |
| Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox < 126. | ||||
| CVE-2024-27284 | 1 Cassandra-rs Project | 1 Cassandra-rs | 2025-04-01 | 7.5 High |
| cassandra-rs is a Cassandra (CQL) driver for Rust. Code that attempts to use an item (e.g., a row) returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. The problem has been fixed in version 3.0.0. | ||||
| CVE-2023-0469 | 1 Linux | 1 Linux Kernel | 2025-04-01 | 5.5 Medium |
| A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service. | ||||
| CVE-2023-0468 | 1 Linux | 1 Linux Kernel | 2025-04-01 | 4.7 Medium |
| A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs. This flaw may cause a NULL pointer dereference. | ||||
| CVE-2022-42414 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2025-04-01 | 5.5 Medium |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18326. | ||||
| CVE-2024-3861 | 3 Debian, Mozilla, Redhat | 8 Debian Linux, Firefox, Thunderbird and 5 more | 2025-04-01 | 4.0 Medium |
| If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. | ||||
| CVE-2024-3857 | 3 Debian, Mozilla, Redhat | 8 Debian Linux, Firefox, Thunderbird and 5 more | 2025-04-01 | 7.8 High |
| The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. | ||||
| CVE-2022-3094 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Rhel Eus | 2025-04-01 | 7.5 High |
| Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions (ACLs) and is retained during the processing of a dynamic update from a client whose access credentials are accepted. Memory allocated to clients that are not permitted to send updates is released immediately upon rejection. The scope of this vulnerability is limited therefore to trusted clients who are permitted to make dynamic zone changes. If a dynamic update is REFUSED, memory will be released again very quickly. Therefore it is only likely to be possible to degrade or stop `named` by sending a flood of unaccepted dynamic updates comparable in magnitude to a query flood intended to achieve the same detrimental outcome. BIND 9.11 and earlier branches are also affected, but through exhaustion of internal resources rather than memory constraints. This may reduce performance but should not be a significant problem for most servers. Therefore we don't intend to address this for BIND versions prior to BIND 9.16. This issue affects BIND 9 versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.8-S1 through 9.16.36-S1. | ||||
| CVE-2022-42374 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2025-04-01 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18403. | ||||