Total
6777 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-3599 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while notifying a DCI client, a Use After Free condition can occur. | ||||
| CVE-2018-3590 | 1 Qualcomm | 28 Msm8909w, Msm8909w Firmware, Sd 205 and 25 more | 2024-11-21 | N/A |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, a Use After Free condition can occur in RIL while handling requests from Android. | ||||
| CVE-2018-3587 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In a firmware memory dump feature in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), a Use After Free condition can occur. | ||||
| CVE-2018-3584 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a Use After Free condition can occur in the function rmnet_usb_ctrl_init(). | ||||
| CVE-2018-3571 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In the KGSL driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a Use After Free condition can occur when printing information about sparse memory allocations | ||||
| CVE-2018-3564 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails. | ||||
| CVE-2018-3561 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in diag_ioctl_lsm_deinit() leads to a Use After Free condition. | ||||
| CVE-2018-2641 | 6 Canonical, Debian, Hp and 3 more | 19 Ubuntu Linux, Debian Linux, Xp7 Command View and 16 more | 2024-11-21 | 6.1 Medium |
| Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N). | ||||
| CVE-2018-2629 | 6 Canonical, Debian, Hp and 3 more | 19 Ubuntu Linux, Debian Linux, Xp7 Command View and 16 more | 2024-11-21 | 5.3 Medium |
| Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N). | ||||
| CVE-2018-25028 | 1 Libpulse-binding Project | 1 Libpulse-binding | 2024-11-21 | 7.5 High |
| An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. get_context can cause a use-after-free. | ||||
| CVE-2018-25027 | 1 Libpulse-binding Project | 1 Libpulse-binding | 2024-11-21 | 7.5 High |
| An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. get_format_info can cause a use-after-free. | ||||
| CVE-2018-25015 | 2 Linux, Netapp | 17 Linux Kernel, H300e, H300e Firmware and 14 more | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8. | ||||
| CVE-2018-25001 | 1 Libpulse-binding Project | 1 Libpulse-binding | 2024-11-21 | 6.5 Medium |
| An issue was discovered in the libpulse-binding crate before 2.5.0 for Rust. proplist::Iterator can cause a use-after-free. | ||||
| CVE-2018-21085 | 1 Google | 1 Android | 2024-11-21 | 8.1 High |
| An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant use-after-free in vnswap_deinit_backing_storage. The Samsung ID is SVE-2017-11176 (February 2018). | ||||
| CVE-2018-21084 | 1 Google | 1 Android | 2024-11-21 | 8.1 High |
| An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.x) software. There is a race condition with a resultant read-after-free issue in get_kek. The Samsung ID is SVE-2017-11174 (February 2018). | ||||
| CVE-2018-21040 | 2 Google, Samsung | 2 Android, Exynos 9810 | 2024-11-21 | 8.1 High |
| An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos 9810 chipsets) software. There is a race condition with a resultant use-after-free in the g2d driver. The Samsung ID is SVE-2018-12959 (December 2018). | ||||
| CVE-2018-21008 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. | ||||
| CVE-2018-20997 | 1 Rust-openssl Project | 1 Rust-openssl | 2024-11-21 | N/A |
| An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing. | ||||
| CVE-2018-20976 | 2 Linux, Redhat | 6 Linux Kernel, Enterprise Mrg, Rhel Aus and 3 more | 2024-11-21 | N/A |
| An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. | ||||
| CVE-2018-20856 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Enterprise Mrg and 5 more | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. | ||||