Total
4506 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45405 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-01-04 | N/A | 6.5 MEDIUM |
| Freeing arbitrary <code>nsIInputStream</code>'s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. | |||||
| CVE-2022-34470 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-01-04 | N/A | 9.8 CRITICAL |
| Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. | |||||
| CVE-2022-40960 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-01-04 | N/A | 6.5 MEDIUM |
| Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. | |||||
| CVE-2022-38476 | 1 Mozilla | 2 Firefox Esr, Thunderbird | 2023-01-03 | N/A | 7.5 HIGH |
| A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2. | |||||
| CVE-2021-4128 | 2 Apple, Mozilla | 2 Macos, Firefox | 2023-01-03 | N/A | 6.5 MEDIUM |
| When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.<br>*This bug only affects Firefox on MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95. | |||||
| CVE-2021-3748 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2023-01-03 | 6.9 MEDIUM | 7.5 HIGH |
| A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process. | |||||
| CVE-2022-46282 | 1 Omron | 1 Cx-drive | 2022-12-30 | N/A | 7.8 HIGH |
| Use after free vulnerability in CX-Drive V3.00 and earlier allows a local attacker to execute arbitrary code by having a user to open a specially crafted file, | |||||
| CVE-2022-26486 | 1 Mozilla | 4 Firefox, Firefox Esr, Firefox Focus and 1 more | 2022-12-30 | N/A | 9.6 CRITICAL |
| An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. | |||||
| CVE-2022-28282 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2022-12-30 | N/A | 6.5 MEDIUM |
| By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. | |||||
| CVE-2022-26485 | 1 Mozilla | 4 Firefox, Firefox Esr, Firefox Focus and 1 more | 2022-12-30 | N/A | 8.8 HIGH |
| Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. | |||||
| CVE-2022-26385 | 1 Mozilla | 1 Firefox | 2022-12-30 | N/A | 6.5 MEDIUM |
| In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 98. | |||||
| CVE-2022-26381 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2022-12-30 | N/A | 8.8 HIGH |
| An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. | |||||
| CVE-2022-1196 | 1 Mozilla | 2 Firefox Esr, Thunderbird | 2022-12-29 | N/A | 6.5 MEDIUM |
| After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8. | |||||
| CVE-2022-1097 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2022-12-29 | N/A | 6.5 MEDIUM |
| <code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. | |||||
| CVE-2022-22740 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2022-12-29 | N/A | 8.8 HIGH |
| Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. | |||||
| CVE-2022-46311 | 1 Huawei | 1 Harmonyos | 2022-12-24 | N/A | 7.5 HIGH |
| The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity. | |||||
| CVE-2016-6931 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-12-22 | 9.3 HIGH | 8.8 HIGH |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6932. | |||||
| CVE-2022-42520 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242994270References: N/A | |||||
| CVE-2021-30469 | 3 Fedoraproject, Podofo Project, Redhat | 3 Fedora, Podofo, Enterprise Linux | 2022-12-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file. | |||||
| CVE-2021-4022 | 1 Rizin | 1 Rizin | 2022-12-21 | N/A | 5.5 MEDIUM |
| A vulnerability was found in rizin. The bug involves an ELF64 binary for the HPPA architecture. When a specially crafted binarygets analysed by rizin, it causes rizin to crash by freeing an uninitialized (and potentially user controlled, depending on the build) memory address. | |||||