• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-416

CVE-2020-24343

February 26, 2023 by

Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c.

CVE-2020-24346

February 26, 2023 by

njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.

CVE-2020-24349

February 26, 2023 by

njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be “fluff” in the NGINX use case because there is no remote attack surface.

CVE-2020-24240

February 26, 2023 by

GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a ” byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.

CVE-2020-24241

February 26, 2023 by

In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c.

CVE-2020-23856

February 26, 2023 by

Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 116
  • Go to page 117
  • Go to page 118
  • Go to page 119
  • Go to page 120
  • Interim pages omitted …
  • Go to page 436
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE