CVE-2019-5236

MEDIUM Year: 2019
CVSS v3 Score
6.3
Medium
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-415
View all →

Vulnerability Description

Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to click a URL to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.

Related Vulnerabilities

CVE-2018-0160

MEDIUM
CVSS:6.3(Medium)

A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerab...

CWE-4152018

CVE-2021-37159

MEDIUM
CVSS:6.4(Medium)

hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.

CWE-4152021

CVE-2011-1803

MEDIUM
CVSS:6.5(Medium)

An issue exists in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h in WebKit in Google Chrome before Blink M11 and M12 when trying to access a removed smil element.

CWE-4152011

CVE-2015-1207

MEDIUM
CVSS:6.5(Medium)

Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.

CWE-4152015

CVE-2015-1239

MEDIUM
CVSS:6.5(Medium)

Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a craft...

CWE-4152015

CVE-2017-12925

MEDIUM
CVSS:6.5(Medium)

Double free vulnerability in DfFromLB in docfile.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image.

CWE-4152017