Total
6799 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13511 | 1 Rockwellautomation | 1 Arena | 2024-12-17 | 3.3 Low |
| Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation. | ||||
| CVE-2019-13510 | 1 Rockwellautomation | 1 Arena | 2024-12-17 | N/A |
| Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code. | ||||
| CVE-2024-12382 | 1 Google | 1 Chrome | 2024-12-17 | 8.8 High |
| Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-46708 | 1 Openatom | 1 Openharmony | 2024-12-16 | 4.3 Medium |
| in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. | ||||
| CVE-2023-40100 | 1 Google | 1 Android | 2024-12-16 | 7.8 High |
| In discovery_thread of Dns64Configuration.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-47892 | 2024-12-16 | 7.8 High | ||
| Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU. | ||||
| CVE-2024-46971 | 2024-12-16 | 7.8 High | ||
| Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU. | ||||
| CVE-2023-21165 | 1 Google | 1 Android | 2024-12-16 | 7.8 High |
| In DevmemIntUnmapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40107 | 1 Google | 1 Android | 2024-12-13 | 7.8 High |
| In ARTPWriter of ARTPWriter.cpp, there is a possible use after free due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40114 | 1 Google | 1 Android | 2024-12-13 | 7.8 High |
| In multiple functions of MtpFfsHandle.cpp , there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2023-40115 | 1 Google | 1 Android | 2024-12-13 | 7.8 High |
| In readLogs of StatsService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-33053 | 1 Qualcomm | 114 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 111 more | 2024-12-12 | 6.7 Medium |
| Memory corruption when multiple threads try to unregister the CVP buffer at the same time. | ||||
| CVE-2024-33040 | 1 Qualcomm | 60 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 57 more | 2024-12-12 | 6.7 Medium |
| Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access. | ||||
| CVE-2023-25747 | 1 Mozilla | 1 Firefox | 2024-12-11 | 7.5 High |
| A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 110.1.0. | ||||
| CVE-2024-10074 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-12-11 | 8.8 High |
| in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free. | ||||
| CVE-2020-20703 | 1 Vim | 1 Vim | 2024-12-10 | 9.8 Critical |
| Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. | ||||
| CVE-2024-52568 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | 7.8 High |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-24244) | ||||
| CVE-2024-38910 | 1 Open Robotics | 2 Nav2 Humble, Ros2 | 2024-12-06 | 7.5 High |
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a use-after-free in the nav2_amcl process. This vulnerability is triggered via sending a request to change dynamic parameters. | ||||
| CVE-2024-38920 | 1 Open Robotics | 2 Nav2 Humble, Ros2 | 2024-12-06 | 9.1 Critical |
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggerd via remotely sending a request for change the value of dynamic-parameter`/amcl max_beams` . | ||||
| CVE-2022-22630 | 1 Apple | 2 Mac Os X, Macos | 2024-12-06 | 9.8 Critical |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution | ||||