Vulnerabilities (CVE)

Filtered by CWE-416
Total 4506 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10497 1 Qualcomm 86 Mdm9150, Mdm9150 Firmware, Mdm9206 and 83 more 2019-10-02 4.6 MEDIUM 7.8 HIGH
Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24
CVE-2019-10509 1 Qualcomm 64 Msm8909w, Msm8909w Firmware, Msm8996au and 61 more 2019-10-02 10.0 HIGH 9.8 CRITICAL
Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016
CVE-2019-9427 1 Google 1 Android 2019-10-01 2.1 LOW 5.5 MEDIUM
In Bluetooth, there is a possible information disclosure due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110166350
CVE-2019-9431 1 Google 1 Android 2019-09-30 4.0 MEDIUM 4.9 MEDIUM
In Bluetooth, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with heap information written to the log with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109755179
CVE-2019-16882 1 String-interner Project 1 String-interner 2019-09-26 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the string-interner crate before 0.7.1 for Rust. It allows attackers to read from memory locations associated with dangling pointers, because of a cloning flaw.
CVE-2019-16881 1 Portaudio-rs Project 1 Portaudio-rs 2019-09-26 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the portaudio-rs crate through 0.3.1 for Rust. There is a use-after-free with resultant arbitrary code execution because of a lack of unwind safety in stream_callback and stream_finished_callback.
CVE-2018-21008 1 Linux 1 Linux Kernel 2019-09-24 4.9 MEDIUM 5.5 MEDIUM
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.
CVE-2019-15890 2 Libslirp Project, Qemu 2 Libslirp, Qemu 2019-09-20 5.0 MEDIUM 7.5 HIGH
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
CVE-2019-16510 1 Mz-automation 1 Libiec61850 2019-09-19 5.0 MEDIUM 7.5 HIGH
libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
CVE-2019-16396 1 Gnucobol Project 1 Gnucobol 2019-09-18 6.8 MEDIUM 7.8 HIGH
GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.
CVE-2018-19824 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2019-09-10 4.6 MEDIUM 7.8 HIGH
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
CVE-2019-16165 1 Gnu 1 Cflow 2019-09-10 4.3 MEDIUM 6.5 MEDIUM
GNU cflow through 1.6 has a use-after-free in the reference function in parser.c.
CVE-2019-16138 1 Image-rs 1 Image 2019-09-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the image crate before 0.21.3 for Rust, affecting the HDR image format decoder. Vec::set_len is called on an uninitialized vector, leading to a use-after-free and arbitrary code execution.
CVE-2019-9271 1 Google 1 Android 2019-09-09 4.4 MEDIUM 6.4 MEDIUM
In the Android kernel in the mnh driver there is a race condition due to insufficient locking. This could lead to a use-after-free which could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2019-15552 1 Libflate Project 1 Libflate 2019-09-05 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the libflate crate before 0.1.25 for Rust. MultiDecoder::read has a use-after-free, leading to arbitrary code execution.
CVE-2019-7363 1 Autodesk 1 Design Review 2019-08-30 6.8 MEDIUM 7.8 HIGH
Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution.
CVE-2019-7761 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2019-08-21 9.3 HIGH 8.8 HIGH
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-7768 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2019-08-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-7766 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2019-08-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-7796 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2019-08-21 9.3 HIGH 8.8 HIGH
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.