Vulnerabilities (CVE)

Filtered by CWE-416
Total 5622 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-24349 1 F5 1 Njs 2024-11-21 2.1 LOW 5.5 MEDIUM
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.
CVE-2020-24346 1 F5 1 Njs 2024-11-21 6.8 MEDIUM 7.8 HIGH
njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.
CVE-2020-24343 1 Artifex 1 Mujs 2024-11-21 6.8 MEDIUM 7.8 HIGH
Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c.
CVE-2020-24241 1 Nasm 1 Netwide Assembler 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c.
CVE-2020-24240 1 Gnu 1 Bison 2024-11-21 7.1 HIGH 5.5 MEDIUM
GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.
CVE-2020-23856 2 Fedoraproject, Gnu 2 Fedora, Cflow 2024-11-21 2.1 LOW 5.5 MEDIUM
Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.
CVE-2020-23302 1 Jerryscript 1 Jerryscript 2024-11-21 7.5 HIGH 9.8 CRITICAL
There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2.2.0
CVE-2020-22617 1 Ardour 1 Ardour 2024-11-21 7.5 HIGH 9.8 CRITICAL
Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext.
CVE-2020-21913 2 Debian, Unicode 2 Debian Linux, International Components For Unicode 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
CVE-2020-21896 1 Artifex 1 Mupdf 2024-11-21 N/A 5.5 MEDIUM
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.
CVE-2020-21722 1 Ogg Video Tools Project 1 Ogg Video Tools 2024-11-21 N/A 7.8 HIGH
Buffer Overflow vulnerability in oggvideotools 0.9.1 allows remote attackers to run arbitrary code via opening of crafted ogg file.
CVE-2020-21697 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file.
CVE-2020-21688 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 6.8 MEDIUM 8.8 HIGH
A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code.
CVE-2020-1983 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 2.1 LOW 7.5 HIGH
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
CVE-2020-1909 1 Whatsapp 2 Whatsapp, Whatsapp Business 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code execution. This could have happened only if several events occurred together in sequence, including receiving an animated sticker while placing a WhatsApp video call on hold.
CVE-2020-1900 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0.
CVE-2020-1897 1 Facebook 1 Proxygen 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. This issue affects versions of proxygen prior to v2020.05.18.00.
CVE-2020-1799 1 Huawei 2 E6878-370, E6878-370 Firmware 2024-11-21 5.4 MEDIUM 7.5 HIGH
E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP1C233) has a use after free vulnerability. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could cause a use after free condition which may lead to malicious code execution.
CVE-2020-1752 4 Canonical, Debian, Gnu and 1 more 9 Ubuntu Linux, Debian Linux, Glibc and 6 more 2024-11-21 3.7 LOW 7.0 HIGH
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.
CVE-2020-1712 3 Debian, Redhat, Systemd Project 7 Debian Linux, Ceph Storage, Discovery and 4 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.