15 matches found
EUVD-2024-20654
Malicious code in bioql PyPI...
EUVD-2025-9588
Malicious code in bioql PyPI...
CVE-2021-39712
In TBD of TBD, there is a possible user after free vulnerability due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2020-9237
Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126C00E125R5P3 have a user after free vulnerability. A module is lack of lock protection. Attackers can exploit this vulnerability by launching specific request. This could compromise normal service of the affected device...
CVE-2024-23135
A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...
CVE-2024-50086
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
CVE-2024-23135
Autodesk AutoCAD is affected by a use-after-free in parsing SLDPRT files within ASMkern228A.dll, enabling code execution in the current process. Several sources describe CVE-2024-23135 as a remote code execution vulnerability exploitable via a malicious SLDPRT file; one advisory notes that user i...
CVE-2024-23134
CVE-2024-23134 corresponds to a use-after-free in Autodesk AutoCAD triggered by parsing a malicious IGS file (tbb.dll). Multiple connected sources (ZDI advisory, Red Hat, NVD, CVE lists) confirm remote code execution potential when an affected IGS file is opened or viewed, with user interaction o...
Ubuntu: Security Advisory (USN-5583-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-3025-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3025-1] irssi security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3025-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 26, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...
SUSE-SU-2021:3371-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15)
This update for the Linux Kernel 4.12.14-15072 fixes several issues. The following security issues were fixed: - CVE-2021-3715: Fixed a user-after-free in the Linux kernel's Traffic Control networking subsystem which could lead to local privilege escalation. bsc1190350. - CVE-2021-38160: Fixed a...
CVE-2020-9237
Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126C00E125R5P3 have a user after free vulnerability. A module is lack of lock protection. Attackers can exploit this vulnerability by launching specific request. This could compromise normal service of the affected device...
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
CVE-2010-1419
CVE-2010-1419 describes a use-after-free in WebKit used by Apple Safari on Windows and macOS (Safari before 5.0 on Mac OS X 10.5–10.6 and Windows; before 4.1 on Mac OS X 10.4). The flaw can be triggered by a window close action during a drag-and-drop operation, allowing a user‑assisted remote att...