Total
5500 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28071 | 1 Radare | 1 Radare2 | 2024-10-03 | 7.5 High |
| A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0. | ||||
| CVE-2022-28073 | 1 Radare | 1 Radare2 | 2024-10-03 | 7.5 High |
| A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0. | ||||
| CVE-2022-4921 | 1 Google | 1 Chrome | 2024-10-03 | 8.8 High |
| Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2022-4919 | 1 Google | 1 Chrome | 2024-10-03 | 8.8 High |
| Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2021-4322 | 1 Google | 1 Chrome | 2024-10-03 | 8.8 High |
| Use after free in DevTools in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium) | ||||
| CVE-2022-4918 | 1 Google | 1 Chrome | 2024-10-02 | 8.8 High |
| Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-4916 | 1 Google | 1 Chrome | 2024-10-02 | 8.8 High |
| Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-46884 | 1 Mozilla | 1 Firefox | 2024-10-02 | 8.8 High |
| A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash. *Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106. | ||||
| CVE-2023-39562 | 1 Gpac | 1 Gpac | 2024-10-02 | 5.5 Medium |
| GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a heap-use-after-free via the gf_bs_align function at bitstream.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted file. | ||||
| CVE-2023-43514 | 1 Qualcomm | 167 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 164 more | 2024-10-01 | 8.4 High |
| Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP. | ||||
| CVE-2023-20849 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-10-01 | 6.5 Medium |
| In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350. | ||||
| CVE-2023-35618 | 1 Microsoft | 1 Edge Chromium | 2024-10-01 | 9.6 Critical |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2023-29358 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-10-01 | 7.8 High |
| Windows GDI Elevation of Privilege Vulnerability | ||||
| CVE-2023-3297 | 2 Canonical, Linux | 3 Accountsservice, Ubuntu Linux, Linux Kernel | 2024-09-30 | 8.1 High |
| In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process. | ||||
| CVE-2024-4607 | 1 Arm | 4 5th Gen Gpu Architecture Kernel Driver, Arm 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver and 1 more | 2024-09-30 | 7.8 High |
| Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0. | ||||
| CVE-2024-2937 | 1 Arm | 3 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2024-09-30 | 7.8 High |
| Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0. | ||||
| CVE-2024-3655 | 1 Arm | 3 Arm 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2024-09-30 | 7.8 High |
| Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r43p0 through r49p0; Valhall GPU Kernel Driver: from r43p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r43p0 through r49p0. | ||||
| CVE-2020-2758 | 2 Opensuse, Oracle | 2 Leap, Vm Virtualbox | 2024-09-30 | 8.2 High |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | ||||
| CVE-2024-0775 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-09-28 | 6.7 Medium |
| A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. | ||||
| CVE-2023-3472 | 1 Panasonic | 1 Kw Watcher | 2024-09-26 | 8.6 High |
| Use after free vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code. | ||||