ReportizFlow
Filtered by vendor
Subscriptions
Total
5628 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8636 | 1 Google | 1 Chrome | 2024-09-13 | 8.8 High |
| Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-8394 | 2 Mozilla, Redhat | 6 Thunderbird, Enterprise Linux, Rhel Aus and 3 more | 2024-09-11 | 6.5 Medium |
| When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 128.2. | ||||
| CVE-2024-41160 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | 8.8 High |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. | ||||
| CVE-2024-8384 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Enterprise Linux and 5 more | 2024-09-06 | 9.8 Critical |
| The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. | ||||
| CVE-2024-45063 | 1 Freebsd | 1 Freebsd | 2024-09-06 | 9.8 Critical |
| The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. | ||||
| CVE-2024-45107 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-09-06 | 5.5 Medium |
| Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-38402 | 1 Qualcomm | 362 Ar8035, Ar8035 Firmware, Csra6620 and 359 more | 2024-09-06 | 7.8 High |
| Memory corruption while processing IOCTL call for getting group info. | ||||
| CVE-2024-38401 | 1 Qualcomm | 82 Ar8035, Ar8035 Firmware, C-v2x 9150 and 79 more | 2024-09-05 | 7.8 High |
| Memory corruption while processing concurrent IOCTL calls. | ||||
| CVE-2024-33060 | 1 Qualcomm | 540 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 537 more | 2024-09-05 | 8.4 High |
| Memory corruption when two threads try to map and unmap a single node simultaneously. | ||||
| CVE-2024-23365 | 1 Qualcomm | 27 Fastconnect 7800 Firmware, Qam8255p Firmware, Qam8650p Firmware and 24 more | 2024-09-05 | 8.4 High |
| Memory corruption while releasing shared resources in MinkSocket listener thread. | ||||
| CVE-2024-8362 | 1 Google | 1 Chrome | 2024-09-05 | 8.8 High |
| Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-41157 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-04 | 8.8 High |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. | ||||
| CVE-2024-7968 | 1 Google | 1 Chrome | 2024-08-27 | 8.8 High |
| Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-7964 | 1 Google | 2 Android, Chrome | 2024-08-27 | 8.8 High |
| Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-7527 | 2 Mozilla, Redhat | 9 Firefox, Firefox Esr, Thunderbird and 6 more | 2024-08-20 | 8.8 High |
| Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. | ||||
| CVE-2024-39383 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-20 | 7.8 High |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-32927 | 1 Google | 1 Android | 2024-08-20 | 7.8 High |
| In sendDeviceState_1_6 of RadioExt.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-20789 | 1 Adobe | 1 Dimension | 2024-08-19 | 7.8 High |
| Dimension versions 3.4.11 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-39422 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-15 | 7.8 High |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-39424 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-15 | 7.8 High |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||