Total
5651 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27784 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
| A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free(). | |||||
| CVE-2020-27675 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5. | |||||
| CVE-2020-27672 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages. | |||||
| CVE-2020-27418 | 1 Fedoraproject | 1 Fedora Linux Kernel | 2024-11-21 | N/A | 4.4 MEDIUM |
| A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obatin sensitive information via vgacon_invert_region() function. | |||||
| CVE-2020-27280 | 1 Deltaww | 1 Ispsoft | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. | |||||
| CVE-2020-27207 | 1 Zetetic | 1 Sqlcipher | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlcipher_codec_pragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can be performed. For example, a SQL injection can be used to execute the crafted SQL command sequence. After that, some unexpected RAM data is read. | |||||
| CVE-2020-27067 | 1 Google | 1 Android | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| In the l2tp subsystem, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152409173 | |||||
| CVE-2020-27066 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In xfrm6_tunnel_free_spi of net/ipv6/xfrm6_tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168043318 | |||||
| CVE-2020-27044 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In restartWrite of Parcel.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157066561 | |||||
| CVE-2020-27035 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-152239213 | |||||
| CVE-2020-26972 | 1 Mozilla | 1 Firefox | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 84. | |||||
| CVE-2020-26960 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. | |||||
| CVE-2020-26959 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. | |||||
| CVE-2020-26950 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2. | |||||
| CVE-2020-26539 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit Reader and PhantomPDF before 10.1. When there is a multiple interpretation error for /V (in the Additional Action and Field dictionaries), a use-after-free can occur with resultant remote code execution (or an information leak). | |||||
| CVE-2020-26534 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is an Opt object use-after-free related to Field::ClearItems and Field::DeleteOptions, during AcroForm JavaScript execution. | |||||
| CVE-2020-25725 | 2 Fedoraproject, Xpdfreader | 2 Fedora, Xpdf | 2024-11-21 | 4.3 MEDIUM | 5.0 MEDIUM |
| In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font. | |||||
| CVE-2020-25671 | 4 Debian, Fedoraproject, Linux and 1 more | 23 Debian Linux, Fedora, Linux Kernel and 20 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. | |||||
| CVE-2020-25670 | 4 Debian, Fedoraproject, Linux and 1 more | 23 Debian Linux, Fedora, Linux Kernel and 20 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. | |||||
| CVE-2020-25669 | 3 Debian, Linux, Netapp | 21 Debian Linux, Linux Kernel, Cloud Backup and 18 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free. | |||||