Total
5984 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-9944 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addLink method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5379. | ||||
| CVE-2018-9935 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addField method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5312. | ||||
| CVE-2018-9517 | 2 Google, Redhat | 3 Android, Enterprise Linux, Rhel Extras Rt | 2024-11-21 | N/A |
| In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-38159931. | ||||
| CVE-2018-9514 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In sdcardfs_open of file.c, there is a possible Use After Free due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111642636 References: N/A | ||||
| CVE-2018-9476 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper locking. This could lead to remote escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-109699112 | ||||
| CVE-2018-9465 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69164715 References: Upstream kernel. | ||||
| CVE-2018-9422 | 2 Debian, Google | 2 Debian Linux, Android | 2024-11-21 | N/A |
| In get_futex_key of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74250718 References: Upstream kernel. | ||||
| CVE-2018-9009 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-11-21 | N/A |
| In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file. | ||||
| CVE-2018-8964 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| In libming 0.4.8, the decompileDELETE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | ||||
| CVE-2018-8963 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | ||||
| CVE-2018-8962 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | ||||
| CVE-2018-8961 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | ||||
| CVE-2018-8843 | 1 Rockwellautomation | 1 Arena | 2024-11-21 | N/A |
| Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data.. | ||||
| CVE-2018-8807 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| In libming 0.4.8, these is a use-after-free in the function decompileCALLFUNCTION of decompile.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | ||||
| CVE-2018-8806 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. Remote attackers could use this vulnerability to cause a denial-of-service via a crafted swf file. | ||||
| CVE-2018-8804 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2018-8625 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-11-21 | N/A |
| A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | ||||
| CVE-2018-8544 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | N/A |
| A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | ||||
| CVE-2018-8353 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-11-21 | N/A |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. | ||||
| CVE-2018-7993 | 1 Huawei | 2 Mate 10, Mate 10 Firmware | 2024-11-21 | N/A |
| HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code. | ||||