Total
4955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27867 | 1 Autodesk | 1 Autocad | 2022-06-29 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted JT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | |||||
| CVE-2022-31306 | 1 F5 | 1 Njs | 2022-06-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c. | |||||
| CVE-2021-41682 | 1 Jerryscript | 1 Jerryscript | 2022-06-28 | 6.8 MEDIUM | 7.8 HIGH |
| There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0 | |||||
| CVE-2022-21806 | 1 Anker | 2 Eufy Homebase 2, Eufy Homebase 2 Firmware | 2022-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network. | |||||
| CVE-2021-22350 | 1 Huawei | 2 Emui, Magic Ui | 2022-06-28 | 7.8 HIGH | 7.5 HIGH |
| There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the device to crash and restart. | |||||
| CVE-2021-22353 | 1 Huawei | 2 Emui, Magic Ui | 2022-06-28 | 7.8 HIGH | 7.5 HIGH |
| There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart. | |||||
| CVE-2021-22348 | 1 Huawei | 2 Emui, Magic Ui | 2022-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute. | |||||
| CVE-2021-22390 | 1 Huawei | 2 Emui, Magic Ui | 2022-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed. | |||||
| CVE-2019-5066 | 1 Aspose | 1 Aspose.pdf For C\+\+ | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically crafted PDF document needs to be processed by the target application. | |||||
| CVE-2019-5042 | 1 Aspose | 1 Aspose.pdf For C\+\+ | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability. | |||||
| CVE-2019-5053 | 1 Gonitro | 1 Nitropdf | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a use-after-free condition. An attacker can craft a malicious PDF to trigger this vulnerability. | |||||
| CVE-2019-5047 | 1 Gonitro | 1 Nitropdf | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable Use After Free vulnerability exists in the CharProcs parsing functionality of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a Use After Free. An attacker can craft a malicious PDF to trigger this vulnerability. | |||||
| CVE-2022-20185 | 1 Google | 1 Android | 2022-06-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| In TBD of TBD, there is a possible use after free bug. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208842348References: N/A | |||||
| CVE-2022-29522 | 1 Fujielectric | 2 V-server, V-sft | 2022-06-22 | 6.8 MEDIUM | 7.8 HIGH |
| Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||||
| CVE-2021-35130 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Qam8295p and 111 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2021-4150 | 1 Linux | 1 Linux Kernel | 2022-06-22 | 4.9 MEDIUM | 5.5 MEDIUM |
| A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the lack of code cleanup when device_add call fails when adding a partition to the disk. | |||||
| CVE-2022-22068 | 1 Qualcomm | 232 Apq8053, Apq8053 Firmware, Aqt1000 and 229 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2019-5096 | 1 Embedthis | 1 Goahead | 2022-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of this request that can be used to corrupt heap structures that could lead to full code execution. The request can be unauthenticated in the form of GET or POST requests, and does not require the requested resource to exist on the server. | |||||
| CVE-2019-5126 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2022-06-17 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2022-27512 | 1 Citrix | 1 Application Delivery Management | 2022-06-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM. | |||||