Total
3445 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2852 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-01-23 | N/A | 8.8 HIGH |
| Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-3197 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-01-23 | N/A | 8.8 HIGH |
| Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | |||||
| CVE-2022-3199 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-01-23 | N/A | 8.8 HIGH |
| Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-3198 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-01-23 | N/A | 8.8 HIGH |
| Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | |||||
| CVE-2022-3196 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-01-23 | N/A | 8.8 HIGH |
| Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | |||||
| CVE-2020-6509 | 1 Google | 1 Chrome | 2023-01-20 | 6.8 MEDIUM | 9.6 CRITICAL |
| Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
| CVE-2022-45888 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2023-01-20 | N/A | 6.4 MEDIUM |
| An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device. | |||||
| CVE-2022-45886 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2023-01-20 | N/A | 7.0 HIGH |
| An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free. | |||||
| CVE-2022-45885 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2023-01-20 | N/A | 7.0 HIGH |
| An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected. | |||||
| CVE-2022-45884 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2023-01-20 | N/A | 7.0 HIGH |
| An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops. | |||||
| CVE-2022-41663 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-01-20 | N/A | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2023-22402 | 1 Juniper | 1 Junos Os Evolved | 2023-01-20 | N/A | 5.9 MEDIUM |
| A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there is a BGP neighbor flap of auto-discovery sessions for any reason. This is a race condition which is outside of an attackers direct control and it depends on system internal timing whether this issue occurs. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO; 22.2 versions prior to 22.2R1-S1-EVO, 22.2R2-EVO. | |||||
| CVE-2022-3640 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2023-01-20 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944. | |||||
| CVE-2016-0975 | 5 Adobe, Apple, Google and 2 more | 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more | 2023-01-20 | 9.3 HIGH | 8.8 HIGH |
| Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. | |||||
| CVE-2022-3352 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2023-01-20 | N/A | 7.8 HIGH |
| Use After Free in GitHub repository vim/vim prior to 9.0.0614. | |||||
| CVE-2022-3256 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2023-01-20 | N/A | 7.8 HIGH |
| Use After Free in GitHub repository vim/vim prior to 9.0.0530. | |||||
| CVE-2022-2938 | 4 Fedoraproject, Linux, Netapp and 1 more | 13 Fedora, Linux Kernel, H300s and 10 more | 2023-01-20 | N/A | 7.8 HIGH |
| A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. | |||||
| CVE-2022-3235 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2023-01-20 | N/A | 7.8 HIGH |
| Use After Free in GitHub repository vim/vim prior to 9.0.0490. | |||||
| CVE-2022-2526 | 2 Netapp, Systemd Project | 10 Active Iq Unified Manager, H300s, H300s Firmware and 7 more | 2023-01-19 | N/A | 9.8 CRITICAL |
| A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later. | |||||
| CVE-2022-3620 | 2 Exim, Fedoraproject | 2 Exim, Fedora | 2023-01-19 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The name of the patch is 12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211919. | |||||