Search Results (8325 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-10661 3 Debian, Linux, Redhat 12 Debian Linux, Linux Kernel, Enterprise Linux and 9 more 2025-04-20 7.0 High
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
CVE-2017-10672 2 Debian, Xml-libxml Project 2 Debian Linux, Xml-libxml 2025-04-20 9.8 Critical
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.
CVE-2017-10686 2 Canonical, Nasm 2 Ubuntu Linux, Netwide Assembler 2025-04-20 N/A
In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that could cause multiple damages. For example, it causes a corrupted double-linked list in detoken(), a double free or corruption in delete_Token(), and an out-of-bounds write in detoken(). It has a high possibility to lead to a remote code execution attack.
CVE-2017-11223 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11224 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11225 6 Adobe, Apple, Google and 3 more 11 Flash Player, Macos, Chrome Os and 8 more 2025-04-20 N/A
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11231 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11232 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanced Metafile Format (EMF) data related to brush manipulation. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11235 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11254 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader's JavaScript engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11256 3 Adobe, Apple, Microsoft 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more 2025-04-20 N/A
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11274 1 Adobe 1 Digital Editions 2025-04-20 N/A
Adobe Digital Editions 4.5.4 and earlier has an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11279 1 Adobe 1 Digital Editions 2025-04-20 N/A
Adobe Digital Editions 4.5.4 and earlier has an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11304 1 Adobe 1 Photoshop 2025-04-20 N/A
An issue was discovered in Adobe Photoshop 18.1.1 (2017.1.1) and earlier versions. An exploitable use-after-free vulnerability exists. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11337 1 Exiv2 1 Exiv2 2025-04-20 N/A
There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
CVE-2017-11403 1 Graphicsmagick 1 Graphicsmagick 2025-04-20 N/A
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.
CVE-2017-12133 1 Gnu 1 Glibc 2025-04-20 N/A
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
CVE-2017-12780 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2025-04-20 N/A
The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted mkv file.
CVE-2017-12877 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2025-04-20 6.5 Medium
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
CVE-2017-12932 2 Php, Redhat 2 Php, Rhel Software Collections 2025-04-20 N/A
ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.