Search
Total
1952 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31175 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-08-02 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2023-3600 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-07-31 | N/A | 8.8 HIGH |
| During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1. | |||||
| CVE-2023-3269 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2023-07-29 | N/A | 7.8 HIGH |
| A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges. | |||||
| CVE-2021-20226 | 2 Linux, Netapp | 2 Linux Kernel, Cloud Backup | 2023-07-28 | 6.1 MEDIUM | 7.8 HIGH |
| A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use. The highest threat from this vulnerability is to data integrity, confidentiality and system availability. | |||||
| CVE-2022-28736 | 1 Gnu | 1 Grub2 | 2023-07-28 | N/A | 7.8 HIGH |
| There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If an attacker can control the GRUB2's memory allocation pattern sensitive data may be exposed and arbitrary code execution can be achieved. | |||||
| CVE-2023-3141 | 1 Linux | 1 Linux Kernel | 2023-07-27 | N/A | 7.1 HIGH |
| A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. | |||||
| CVE-2023-35823 | 1 Linux | 1 Linux Kernel | 2023-07-27 | N/A | 7.0 HIGH |
| An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c. | |||||
| CVE-2023-32233 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-07-27 | N/A | 7.8 HIGH |
| In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. | |||||
| CVE-2023-35824 | 1 Linux | 1 Linux Kernel | 2023-07-27 | N/A | 7.0 HIGH |
| An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c. | |||||
| CVE-2023-23514 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-07-27 | N/A | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, macOS Big Sur 11.7.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-28205 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2023-07-27 | N/A | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | |||||
| CVE-2023-27969 | 1 Apple | 5 Ipad Os, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-32398 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 7.8 HIGH |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-33866 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-33876 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. A specially-crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object which can lead to memory corruption and result in arbitrary code execution. A specially-crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-28744 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-27379 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2020-13558 | 1 Webkitgtk | 1 Webkitgtk | 2022-07-30 | 6.8 MEDIUM | 8.8 HIGH |
| A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. | |||||
| CVE-2022-1485 | 1 Google | 1 Chrome | 2022-07-29 | N/A | 7.5 HIGH |
| Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1479 | 1 Google | 1 Chrome | 2022-07-29 | N/A | 8.8 HIGH |
| Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1478 | 1 Google | 1 Chrome | 2022-07-29 | N/A | 8.8 HIGH |
| Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1477 | 1 Google | 1 Chrome | 2022-07-29 | N/A | 8.8 HIGH |
| Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5828 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-07-29 | 6.8 MEDIUM | 8.8 HIGH |
| Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2022-1481 | 2 Apple, Google | 2 Macos, Chrome | 2022-07-29 | N/A | 8.8 HIGH |
| Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-22207 | 1 Juniper | 18 Junos, Mx10, Mx10000 and 15 more | 2022-07-29 | N/A | 7.5 HIGH |
| A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2. | |||||
| CVE-2022-1496 | 1 Google | 1 Chrome | 2022-07-29 | N/A | 8.8 HIGH |
| Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | |||||
| CVE-2022-1490 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1487 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 7.5 HIGH |
| Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test. | |||||
| CVE-2021-40420 | 1 Foxit | 1 Pdf Reader | 2022-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2022-1633 | 1 Google | 2 Chrome, Chrome Os | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. | |||||
| CVE-2022-1634 | 1 Google | 2 Android, Chrome | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in Browser UI in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who had convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific user interactions. | |||||
| CVE-2022-1635 | 1 Google | 2 Android, Chrome | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. | |||||
| CVE-2022-1636 | 1 Google | 2 Android, Chrome | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1641 | 1 Google | 2 Chrome, Chrome Os | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction. | |||||
| CVE-2022-1640 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1639 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1493 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | |||||
| CVE-2022-1491 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 8.8 HIGH |
| Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | |||||
| CVE-2020-8648 | 6 Broadcom, Canonical, Debian and 3 more | 9 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 6 more | 2022-07-28 | 3.6 LOW | 7.1 HIGH |
| There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | |||||
| CVE-2022-31146 | 1 Bytecodealliance | 2 Cranelift-codegen, Wasmtime | 2022-07-27 | N/A | 8.8 HIGH |
| Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will mistakenly think these functions do not have live references to GC'd values, reclaiming them and deallocating them. The function will then subsequently continue to use the values assuming they had not been GC'd, leading later to a use-after-free. This bug was introduced in the migration to the `regalloc2` register allocator that occurred in the Wasmtime 0.37.0 release on 2022-05-20. This bug has been patched and users should upgrade to Wasmtime version 0.38.2. Mitigations for this issue can be achieved by disabling the reference types proposal by passing `false` to `wasmtime::Config::wasm_reference_types` or downgrading to Wasmtime 0.36.0 or prior. | |||||
| CVE-2022-1127 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 8.8 HIGH |
| Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. | |||||
| CVE-2022-1131 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 8.8 HIGH |
| Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1133 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 8.8 HIGH |
| Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1135 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 8.8 HIGH |
| Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via standard feature user interaction. | |||||
| CVE-2022-1136 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 8.8 HIGH |
| Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures. | |||||
| CVE-2022-1141 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 8.8 HIGH |
| Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture. | |||||
| CVE-2022-1144 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 8.8 HIGH |
| Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2022-1145 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 7.5 HIGH |
| Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction. | |||||
| CVE-2022-1305 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 8.8 HIGH |
| Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1308 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 8.8 HIGH |
| Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||