Total
3445 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-26426 | 2023-03-22 | N/A | 7.8 HIGH | ||
| Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-23514 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-03-16 | N/A | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges.. | |||||
| CVE-2023-26605 | 1 Linux | 1 Linux Kernel | 2023-03-16 | N/A | 7.8 HIGH |
| In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid. | |||||
| CVE-2023-26606 | 1 Linux | 1 Linux Kernel | 2023-03-16 | N/A | 7.8 HIGH |
| In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c. | |||||
| CVE-2023-26544 | 1 Linux | 1 Linux Kernel | 2023-03-16 | N/A | 7.8 HIGH |
| In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size. | |||||
| CVE-2023-0799 | 1 Libtiff | 1 Libtiff | 2023-03-16 | N/A | 5.5 MEDIUM |
| LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. | |||||
| CVE-2022-33245 | 1 Qualcomm | 144 Apq8064au, Apq8064au Firmware, Apq8096au and 141 more | 2023-03-15 | N/A | 7.8 HIGH |
| Memory corruption in WLAN due to use after free | |||||
| CVE-2022-47460 | 2 Google, Unisoc | 27 Android, S8000, S8000 Firmware and 24 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| In gpu device, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel. | |||||
| CVE-2022-1050 | 1 Qemu | 1 Qemu | 2023-03-14 | 4.6 MEDIUM | 8.8 HIGH |
| A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition. | |||||
| CVE-2023-0030 | 1 Linux | 1 Linux Kernel | 2023-03-14 | N/A | 7.8 HIGH |
| A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||
| CVE-2023-22436 | 1 Openharmony | 1 Openharmony | 2023-03-14 | N/A | 7.8 HIGH |
| The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root. | |||||
| CVE-2023-25358 | 1 Webkitgtk | 1 Webkitgtk | 2023-03-14 | N/A | 9.8 CRITICAL |
| A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | |||||
| CVE-2023-25360 | 1 Webkitgtk | 1 Webkitgtk | 2023-03-14 | N/A | 9.8 CRITICAL |
| A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | |||||
| CVE-2023-25361 | 1 Webkitgtk | 1 Webkitgtk | 2023-03-14 | N/A | 9.8 CRITICAL |
| A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | |||||
| CVE-2023-25362 | 1 Webkitgtk | 1 Webkitgtk | 2023-03-14 | N/A | 9.8 CRITICAL |
| A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | |||||
| CVE-2023-25363 | 1 Webkitgtk | 1 Webkitgtk | 2023-03-14 | N/A | 9.8 CRITICAL |
| A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | |||||
| CVE-2022-46394 | 1 Arm | 2 Avalon Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2023-03-14 | N/A | 8.8 HIGH |
| An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r39p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0. | |||||
| CVE-2023-24581 | 1 Siemens | 1 Solid Edge Se2023 | 2023-03-14 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted STP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19425) | |||||
| CVE-2022-41285 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-03-14 | N/A | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2022-3424 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-03-13 | N/A | 7.8 HIGH |
| A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||