Total
3445 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-1568 | 3 Debian, Qemu, Redhat | 5 Debian Linux, Qemu, Enterprise Linux and 2 more | 2023-02-12 | 6.9 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command. | |||||
| CVE-2022-2738 | 2 Podman Project, Redhat | 3 Podman, Enterprise Linux Server, Enterprise Linux Workstation | 2023-02-12 | N/A | 7.5 HIGH |
| The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code execution in Go applications that use the Go GPGME wrapper library, under certain conditions, during GPG signature verification. | |||||
| CVE-2020-25725 | 2 Fedoraproject, Xpdfreader | 2 Fedora, Xpdf | 2023-02-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font. | |||||
| CVE-2022-1184 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2023-02-12 | N/A | 5.5 MEDIUM |
| A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. | |||||
| CVE-2022-0216 | 2 Fedoraproject, Qemu | 2 Fedora, Qemu | 2023-02-12 | N/A | 4.4 MEDIUM |
| A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service. | |||||
| CVE-2022-4379 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2023-02-12 | N/A | 7.5 HIGH |
| A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial | |||||
| CVE-2022-30065 | 2 Busybox, Siemens | 13 Busybox, Scalance Sc622-2c, Scalance Sc622-2c Firmware and 10 more | 2023-02-11 | 6.8 MEDIUM | 7.8 HIGH |
| A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. | |||||
| CVE-2021-4028 | 2 Linux, Suse | 2 Linux Kernel, Linux Enterprise | 2023-02-10 | N/A | 7.8 HIGH |
| A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system. | |||||
| CVE-2020-6807 | 2 Canonical, Mozilla | 4 Ubuntu Linux, Firefox, Firefox Esr and 1 more | 2023-02-09 | 6.8 MEDIUM | 8.8 HIGH |
| When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | |||||
| CVE-2020-6805 | 2 Canonical, Mozilla | 4 Ubuntu Linux, Firefox, Firefox Esr and 1 more | 2023-02-09 | 6.8 MEDIUM | 8.8 HIGH |
| When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | |||||
| CVE-2022-3625 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-02-09 | N/A | 7.8 HIGH |
| A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability. | |||||
| CVE-2023-25012 | 1 Linux | 1 Linux Kernel | 2023-02-09 | N/A | 4.6 MEDIUM |
| The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long. | |||||
| CVE-2017-18218 | 1 Linux | 1 Linux Kernel | 2023-02-07 | 7.2 HIGH | 7.8 HIGH |
| In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in skb handling between hns_nic_net_xmit_hw and hns_nic_net_xmit. | |||||
| CVE-2023-0240 | 1 Linux | 1 Linux Kernel | 2023-02-06 | N/A | 7.8 HIGH |
| There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this case the function will use the init_cred or the previous linked requests identity to do operations instead of using the current identity. This can lead to reference counting issues causing use-after-free. We recommend upgrading past version 5.10.161. | |||||
| CVE-2023-0266 | 1 Linux | 1 Linux Kernel | 2023-02-06 | N/A | 7.8 HIGH |
| A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e | |||||
| CVE-2023-0471 | 1 Google | 1 Chrome | 2023-02-06 | N/A | 8.8 HIGH |
| Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-0472 | 1 Google | 1 Chrome | 2023-02-06 | N/A | 8.8 HIGH |
| Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-0474 | 1 Google | 1 Chrome | 2023-02-06 | N/A | 8.8 HIGH |
| Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. (Chromium security severity: Medium) | |||||
| CVE-2023-20928 | 1 Google | 1 Android | 2023-02-06 | N/A | 7.8 HIGH |
| In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254837884References: Upstream kernel | |||||
| CVE-2021-33641 | 1 Openeuler | 1 Byacc | 2023-02-06 | N/A | 9.8 CRITICAL |
| When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free). | |||||