Total
5500 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-21608 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-02 | 7.8 High |
| Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-21598 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-08-02 | 5.5 Medium |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-21551 | 1 Microsoft | 13 Windows 10 1809, Windows 10 20h2, Windows 10 20h2 and 10 more | 2024-08-02 | 7.8 High |
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability | ||||
| CVE-2023-21552 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2024-08-02 | 7.8 High |
| Windows GDI Elevation of Privilege Vulnerability | ||||
| CVE-2023-21532 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2024-08-02 | 7 High |
| Windows GDI Elevation of Privilege Vulnerability | ||||
| CVE-2023-21584 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-08-02 | 5.5 Medium |
| FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-21459 | 1 Samsung | 2 Android, Exynos 2100 | 2024-08-02 | 5 Medium |
| Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault. | ||||
| CVE-2023-21400 | 2 Debian, Google | 2 Debian Linux, Android | 2024-08-02 | 6.7 Medium |
| In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21395 | 1 Google | 1 Android | 2024-08-02 | 6.5 Medium |
| In Bluetooth, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21392 | 1 Google | 1 Android | 2024-08-02 | 8.8 High |
| In Bluetooth, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege when connecting to a Bluetooth device with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21361 | 1 Google | 1 Android | 2024-08-02 | 8.8 High |
| In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21255 | 2 Debian, Google | 2 Debian Linux, Android | 2024-08-02 | 7.8 High |
| In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21146 | 1 Google | 1 Android | 2024-08-02 | 6.7 Medium |
| there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239867994References: N/A | ||||
| CVE-2023-21147 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
| In lwis_i2c_device_disable of lwis_device_i2c.c, there is a possible UAF due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-269661912References: N/A | ||||
| CVE-2023-21108 | 1 Google | 1 Android | 2024-08-02 | 8.8 High |
| In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-239414876 | ||||
| CVE-2023-21101 | 1 Google | 1 Android | 2024-08-02 | 7.0 High |
| In multiple functions of WVDrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-258189255 | ||||
| CVE-2023-21120 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
| In multiple functions of cdm_engine.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-258188673 | ||||
| CVE-2023-21096 | 1 Google | 1 Android | 2024-08-02 | 9.8 Critical |
| In OnWakelockReleased of attribution_processor.cc, there is a use after free that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-254774758 | ||||
| CVE-2023-21018 | 1 Google | 1 Android | 2024-08-02 | 6.7 Medium |
| In UnwindingWorker of unwinding.cc, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233338564 | ||||
| CVE-2023-21045 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
| When cpif handles probe failures, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323725References: N/A | ||||