Total
4955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25896 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25893 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-26336 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-03-31 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-26349 | 1 Adobe | 1 Dimension | 2023-03-31 | N/A | 5.5 MEDIUM |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2019-15232 | 1 Live555 | 1 Streaming Media | 2023-03-29 | 7.5 HIGH | 9.8 CRITICAL |
| Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors. | |||||
| CVE-2022-26702 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2023-03-28 | 9.3 HIGH | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-26426 | 1 Adobe | 1 Illustrator | 2023-03-24 | N/A | 7.8 HIGH |
| Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21459 | 1 Samsung | 2 Android, Exynos 2100 | 2023-03-23 | N/A | 9.8 CRITICAL |
| Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault. | |||||
| CVE-2022-47460 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-03-23 | N/A | 5.5 MEDIUM |
| In gpu device, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel. | |||||
| CVE-2022-1050 | 1 Qemu | 1 Qemu | 2023-03-15 | 4.6 MEDIUM | 8.8 HIGH |
| A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition. | |||||
| CVE-2022-44683 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-03-10 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-46712 | 1 Apple | 1 Macos | 2023-03-08 | N/A | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13. An app may be able to cause unexpected system termination or potentially execute code with kernel privileges. | |||||
| CVE-2018-11516 | 1 Videolan | 1 Vlc Media Player | 2023-03-03 | 6.8 MEDIUM | 8.8 HIGH |
| The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file. | |||||
| CVE-2019-13514 | 1 Deltaww | 1 Delta Industrial Automation Dopsoft | 2023-03-03 | 6.8 MEDIUM | 7.8 HIGH |
| In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger a use-after-free vulnerability, which may allow information disclosure, remote code execution, or crash of the application. | |||||
| CVE-2022-30539 | 1 Intel | 106 Xeon Gold 5315y, Xeon Gold 5315y Firmware, Xeon Gold 5317 and 103 more | 2023-03-02 | N/A | 6.7 MEDIUM |
| Use after free in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-14980 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-03-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. | |||||
| CVE-2022-1652 | 4 Debian, Linux, Netapp and 1 more | 13 Debian Linux, Linux Kernel, H300s and 10 more | 2023-03-01 | 7.2 HIGH | 7.8 HIGH |
| Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. | |||||
| CVE-2022-1786 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2023-03-01 | 7.2 HIGH | 7.8 HIGH |
| A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system. | |||||
| CVE-2021-43057 | 2 Linux, Netapp | 17 Linux Kernel, H300e, H300e Firmware and 14 more | 2023-03-01 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the subjective credentials of another task. | |||||
| CVE-2023-21584 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2023-03-01 | N/A | 5.5 MEDIUM |
| FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||