ReportizFlow
Filtered by vendor
Subscriptions
Total
7120 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23380 | 1 Qualcomm | 215 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 212 more | 2024-11-21 | 8.4 High |
| Memory corruption while handling user packets during VBO bind operation. | ||||
| CVE-2024-23373 | 1 Qualcomm | 444 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 441 more | 2024-11-21 | 8.4 High |
| Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. | ||||
| CVE-2024-23322 | 1 Envoyproxy | 1 Envoy | 2024-11-21 | 7.5 High |
| Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happen within the same interval. The crash occurs when the following are true: 1. hedge_on_per_try_timeout is enabled, 2. per_try_idle_timeout is enabled (it can only be done in configuration), 3. per-try-timeout is enabled, either through headers or configuration and its value is equal, or within the backoff interval of the per_try_idle_timeout. This issue has been addressed in released 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-22920 | 1 Swftools | 1 Swftools | 2024-11-21 | 7.8 High |
| swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c. | ||||
| CVE-2024-22914 | 1 Swftools | 1 Swftools | 2024-11-21 | 5.5 Medium |
| A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service. | ||||
| CVE-2024-22088 | 1 Chendotjs | 1 Lotos Webserver | 2024-11-21 | 9.8 Critical |
| Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled. | ||||
| CVE-2024-21860 | 1 Openatom | 1 Openharmony | 2024-11-21 | 8.2 High |
| in OpenHarmony v4.0.0 and prior versions allow an adjacent attacker arbitrary code execution in any apps through use after free. | ||||
| CVE-2024-20734 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 5.5 Medium |
| Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-1848 | 2024-11-21 | 7.8 High | ||
| Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, DWG, DXF, IPT, JT, SAT, SLDDRW, SLDPRT, STL, STP, X_B or X_T file. | ||||
| CVE-2024-1847 | 2024-11-21 | 7.8 High | ||
| Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID. | ||||
| CVE-2024-1312 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-11-21 | 5.1 Medium |
| A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system. | ||||
| CVE-2023-5447 | 2024-11-21 | 5.5 Medium | ||
| Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App. | ||||
| CVE-2023-5249 | 1 Arm | 2 Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2024-11-21 | 7.0 High |
| Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper memory processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Bifrost GPU Kernel Driver: from r35p0 through r40p0; Valhall GPU Kernel Driver: from r35p0 through r40p0. | ||||
| CVE-2023-52266 | 1 Hongliuliao | 1 Ehttp | 2024-11-21 | 7.5 High |
| ehttp 1.0.6 before 17405b9 has an epoll_socket.cpp read_func use-after-free. An attacker can make many connections over a short time to trigger this. | ||||
| CVE-2023-51782 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. | ||||
| CVE-2023-51781 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. | ||||
| CVE-2023-51780 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. | ||||
| CVE-2023-51779 | 2 Linux, Redhat | 6 Kernel, Enterprise Linux, Rhel Aus and 3 more | 2024-11-21 | 7 High |
| bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. | ||||
| CVE-2023-51043 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 7.0 High |
| In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload. | ||||
| CVE-2023-51042 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Logging and 2 more | 2024-11-21 | 7.8 High |
| In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free. | ||||