Total
5502 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-32091 | 4 Debian, Fedoraproject, Mariadb and 1 more | 5 Debian Linux, Fedora, Mariadb and 2 more | 2024-08-03 | 7.5 High |
| MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. | ||||
| CVE-2022-32081 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
| MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc. | ||||
| CVE-2022-31747 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2024-08-03 | 9.8 Critical |
| Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | ||||
| CVE-2022-31307 | 1 F5 | 1 Njs | 2024-08-03 | 5.5 Medium |
| Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c. | ||||
| CVE-2022-31306 | 1 F5 | 1 Njs | 2024-08-03 | 5.5 Medium |
| Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c. | ||||
| CVE-2022-31146 | 1 Bytecodealliance | 2 Cranelift-codegen, Wasmtime | 2024-08-03 | 6.4 Medium |
| Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will mistakenly think these functions do not have live references to GC'd values, reclaiming them and deallocating them. The function will then subsequently continue to use the values assuming they had not been GC'd, leading later to a use-after-free. This bug was introduced in the migration to the `regalloc2` register allocator that occurred in the Wasmtime 0.37.0 release on 2022-05-20. This bug has been patched and users should upgrade to Wasmtime version 0.38.2. Mitigations for this issue can be achieved by disabling the reference types proposal by passing `false` to `wasmtime::Config::wasm_reference_types` or downgrading to Wasmtime 0.36.0 or prior. | ||||
| CVE-2022-30644 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-08-03 | 7.8 High |
| Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-30539 | 1 Intel | 106 Xeon Gold 5315y, Xeon Gold 5315y Firmware, Xeon Gold 5317 and 103 more | 2024-08-03 | 7.5 High |
| Use after free in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-30065 | 2 Busybox, Siemens | 13 Busybox, Scalance Sc622-2c, Scalance Sc622-2c Firmware and 10 more | 2024-08-03 | 7.8 High |
| A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. | ||||
| CVE-2022-29919 | 1 Intel | 1 Virtual Raid On Cpu | 2024-08-03 | 7.8 High |
| Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-29794 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-03 | 9.8 Critical |
| The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. | ||||
| CVE-2022-29692 | 1 Unicorn-engine | 1 Unicorn Engine | 2024-08-03 | 7.8 High |
| Unicorn Engine v1.0.3 was discovered to contain a use-after-free vulnerability via the hook function. | ||||
| CVE-2022-29522 | 1 Fujielectric | 2 V-server, V-sft | 2024-08-03 | 7.8 High |
| Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | ||||
| CVE-2022-29581 | 5 Canonical, Debian, Linux and 2 more | 22 Ubuntu Linux, Debian Linux, Linux Kernel and 19 more | 2024-08-03 | 7.8 High |
| Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | ||||
| CVE-2022-29582 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-03 | 7.0 High |
| In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. | ||||
| CVE-2022-29227 | 1 Envoyproxy | 1 Envoy | 2024-08-03 | 7.5 High |
| Envoy is a cloud-native high-performance edge/middle/service proxy. In versions prior to 1.22.1 if Envoy attempts to send an internal redirect of an HTTP request consisting of more than HTTP headers, there’s a lifetime bug which can be triggered. If while replaying the request Envoy sends a local reply when the redirect headers are processed, the downstream state indicates that the downstream stream is not complete. On sending the local reply, Envoy will attempt to reset the upstream stream, but as it is actually complete, and deleted, this result in a use-after-free. Users are advised to upgrade. Users unable to upgrade are advised to disable internal redirects if crashes are observed. | ||||
| CVE-2022-29228 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2024-08-03 | 7.5 High |
| Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter would try to invoke the remaining filters in the chain after emitting a local response, which triggers an ASSERT() in newer versions and corrupts memory on earlier versions. continueDecoding() shouldn’t ever be called from filters after a local reply has been sent. Users are advised to upgrade. There are no known workarounds for this issue. | ||||
| CVE-2022-29156 | 2 Linux, Netapp | 17 Linux Kernel, H300e, H300e Firmware and 14 more | 2024-08-03 | 7.8 High |
| drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release. | ||||
| CVE-2022-28893 | 4 Debian, Linux, Netapp and 1 more | 25 Debian Linux, Linux Kernel, H300e and 22 more | 2024-08-03 | 7.8 High |
| The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. | ||||
| CVE-2022-28835 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-08-03 | 7.8 High |
| Adobe InCopy versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||