103967 matches found
CVE-2026-13126
CVE-2026-13126 affects Foxit PDF Editor/Reader due to a use-after-free in the handling of PDF annotations (embedded JavaScript). The issue can lead to a crash when the application attempts to write to an invalid popup annotation object, as described in the CVE description. CVSS 3.1 metrics indica...
CVE-2026-13128
CVE-2026-13128 affects Foxit PDF Editor/Reader with a use-after-free in the Doc Object when embedding JavaScript in a PDF, leading to application crash and potential remote code execution. The vulnerability impacts the document view’s properties after the page is deleted, enabling continued acces...
CVE-2026-57240
CVE-2026-57240 affects Foxit PDF Editor/Reader: when opening a PDF, if JavaScript deletes form fields, the app may still reference old field pointers, causing a use-after-free and crash. The CVSS/metrics indicate a HIGH impact with local access, requiring user interaction. No explicit exploit det...
CVE-2026-57238
CVE-2026-57238 concerns Foxit PDF Editor/Reader, specifically an annotation use-after-free issue that enables a remote code execution vulnerability. The description states that after opening a PDF, JavaScript deletes a form field object; subsequently, the application accesses the invalid object, ...
CVE-2026-57242
Technical details are not publicly available in the provided documents for CVE-2026-57242; monitor Foxit security bulletins for updates on affected products, versions, impact, and remediation.
CVE-2026-57245
Foxit PDF Editor/Reader contains a use-after-free vulnerability in the handling of hyperlink annotations when opening and traversing annotation elements. The issue can lead to an invalid state and an invalid pointer write during destruction, causing a crash. CVSSv3.1 base score 7.8 ( HIGH ) with ...
CVE-2026-57249
CVE-2026-57249 affects Foxit PDF Editor/Reader in the annotation handling path. After opening a PDF, the software resets the annotation status and triggers a reset form event; during the subsequent re-entry it accesses invalid objects, leading to a crash. CVSS 3.1 vector: AV:L/AC:L/PR:N/UI:R/S:U/...
EUVD-2026-42202
Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...
CVE-2026-57252
CVE-2026-57252 affects Foxit PDF Editor/Reader when handling AcroForm operations during PDF loading—specifically during JavaScript-based page deletion and removal of attachment annotations. This triggers a use-after-free condition on invalid pointers within the attachment panel, causing the appli...
CVE-2026-57237
CVE-2026-57237 impacts Foxit PDF Editor/Reader (annotation handling) where JavaScript modifying form-field properties leaves underlying objects in an invalid state, triggering a use-after-free and reading an illegal memory address. This can crash the application. The Connected documents do not pr...
CVE-2026-57244
CVE-2026-57244 affects Foxit PDF Editor/Reader Form Control. The root cause is a missing re-entry protection and object lifecycle verification during form synchronization after JavaScript resets, causing a control pointer dereference after a failure and resulting in a crash. The CVSSv3.1 vector i...
CVE-2026-57250
CVE-2026-57250 affects Foxit PDF Editor/Reader when opening a PDF and JavaScript resets form fields, causing a re-entry into the interface that damages a native object. The app validates insufficiently, and the function call on the damaged object leads to a crash. The CVSS v3.1 vector is LOCAL/Ux...
CVE-2026-57256
CVE-2026-57256 concerns Foxit Editor/Reader. When opening a PDF with JavaScript, the app performs abnormal operations on a list box form field, and repeats this after the form is reset. The issue stems from inadequate verification of the form objects and their internal dictionary pointers, allowi...
kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service
A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...
kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service
A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...
kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service
A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...
Important: Red Hat Security Advisory: kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, kpatch-patch-5_14_0-284_158_1, and kpatch-patch-5_14_0-284_172_1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
EUVD-2026-42121
The application contains a use-after-free vulnerability that can be exploited to cause memory corruption while parsing specially crafted files. This could allow an attacker to execute arbitrary code in the context of the current process...
CVE-2026-60002
OpenSSH before 10.4 is affected by a use-after-free when a server changes its host key during a key re-exchange, impacting the client-side component. The CVE-2026-60002 entry indicates a NETWORK-exposed vulnerability with high impact to confidentiality and integrity, and a low impact to availabil...
EUVD-2026-42146
ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. This outcome occurs only on the client side...