Total
6538 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-21084 | 1 Google | 1 Android | 2024-11-21 | 8.1 High |
| An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.x) software. There is a race condition with a resultant read-after-free issue in get_kek. The Samsung ID is SVE-2017-11174 (February 2018). | ||||
| CVE-2018-21040 | 2 Google, Samsung | 2 Android, Exynos 9810 | 2024-11-21 | 8.1 High |
| An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos 9810 chipsets) software. There is a race condition with a resultant use-after-free in the g2d driver. The Samsung ID is SVE-2018-12959 (December 2018). | ||||
| CVE-2018-21008 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. | ||||
| CVE-2018-20997 | 1 Rust-openssl Project | 1 Rust-openssl | 2024-11-21 | N/A |
| An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing. | ||||
| CVE-2018-20976 | 2 Linux, Redhat | 6 Linux Kernel, Enterprise Mrg, Rhel Aus and 3 more | 2024-11-21 | N/A |
| An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. | ||||
| CVE-2018-20856 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Enterprise Mrg and 5 more | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. | ||||
| CVE-2018-20836 | 7 Canonical, Debian, F5 and 4 more | 16 Ubuntu Linux, Debian Linux, Traffix Signaling Delivery Controller and 13 more | 2024-11-21 | 8.1 High |
| An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free. | ||||
| CVE-2018-20748 | 4 Canonical, Debian, Libvnc Project and 1 more | 15 Ubuntu Linux, Debian Linux, Libvncserver and 12 more | 2024-11-21 | 9.8 Critical |
| LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete. | ||||
| CVE-2018-20592 | 2 Fedoraproject, Msweet | 2 Fedora, Mini-xml | 2024-11-21 | N/A |
| In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc. | ||||
| CVE-2018-20538 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests. | ||||
| CVE-2018-20535 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt. | ||||
| CVE-2018-20356 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid read of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20355 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid write of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20354 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid read of 8 bytes due to a use-after-free vulnerability during a "return" in the mg_http_get_proto_data function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20353 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid read of 8 bytes due to a use-after-free vulnerability during a "NULL test" in the mg_http_get_proto_data function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20352 | 1 Cesanta | 1 Mongoose Embedded Web Server Library | 2024-11-21 | N/A |
| Use-after-free vulnerability in the mg_cgi_ev_handler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20066 | 1 Google | 1 Chrome | 2024-11-21 | N/A |
| Incorrect object lifecycle in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-20020 | 3 Canonical, Debian, Libvnc Project | 3 Ubuntu Linux, Debian Linux, Libvncserver | 2024-11-21 | N/A |
| LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution | ||||
| CVE-2018-20019 | 4 Canonical, Debian, Libvnc Project and 1 more | 15 Ubuntu Linux, Debian Linux, Libvncserver and 12 more | 2024-11-21 | 9.8 Critical |
| LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution | ||||
| CVE-2018-20005 | 2 Fedoraproject, Msweet | 2 Fedora, Mini-xml | 2024-11-21 | N/A |
| An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc. | ||||