Total
4955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36086 | 2 Fedoraproject, Selinux Project | 2 Fedora, Selinux | 2023-11-07 | 2.1 LOW | 3.3 LOW |
| The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). | |||||
| CVE-2021-33574 | 4 Debian, Fedoraproject, Gnu and 1 more | 20 Debian Linux, Fedora, Glibc and 17 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact. | |||||
| CVE-2021-33034 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. | |||||
| CVE-2021-30980 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-30951 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-30609 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30609 Use after free in Sign-In | |||||
| CVE-2021-30586 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30624 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30624 Use after free in Autofill | |||||
| CVE-2021-30613 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30613 Use after free in Base internals | |||||
| CVE-2021-30527 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebUI in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30543 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30604 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30546 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30549 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30522 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30528 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30902 | 1 Apple | 3 Ipad Os, Ipados, Iphone Os | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
| CVE-2021-30606 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30606 Use after free in Blink | |||||
| CVE-2021-30886 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-30550 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||