Total
4506 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20292 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2023-07-28 | 7.2 HIGH | 6.7 MEDIUM |
| There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. | |||||
| CVE-2021-20226 | 2 Linux, Netapp | 2 Linux Kernel, Cloud Backup | 2023-07-28 | 6.1 MEDIUM | 7.8 HIGH |
| A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use. The highest threat from this vulnerability is to data integrity, confidentiality and system availability. | |||||
| CVE-2023-36833 | 1 Juniper | 5 Junos Os Evolved, Ptx10001-36mr, Ptx10004 and 2 more | 2023-07-27 | N/A | 6.5 MEDIUM |
| A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). The process 'aftman-bt' will crash after multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. This will cause the respective FPC to stop forwarding traffic and it needs to be rebooted to restore the service. An indication that the system experienced this issue is the following log message: <date> <hostname> evo-aftmand-bt[<pid>]: [Error] jexpr_fdb: sanity check failed, ... , app_name L3 Mcast Routes This issue affects Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202: 21.2 version 21.2R1-EVO and later versions; 21.3 version 21.3R1-EVO and later versions; 21.4 versions prior to 21.4R3-S3-EVO; 22.1 version 22.1R1-EVO and later versions; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R3-EVO; 22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO. | |||||
| CVE-2023-32412 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 9.8 CRITICAL |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause unexpected app termination or arbitrary code execution. | |||||
| CVE-2023-32398 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 7.8 HIGH |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-32387 | 1 Apple | 1 Macos | 2023-07-27 | N/A | 9.8 CRITICAL |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution. | |||||
| CVE-2023-27969 | 1 Apple | 5 Ipad Os, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-23514 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-07-27 | N/A | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, macOS Big Sur 11.7.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-33866 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-28744 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-27379 | 1 Foxit | 1 Pdf Reader | 2023-07-26 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-2912 | 1 Secomea | 1 Sitemanager Embedded | 2023-07-26 | N/A | 7.5 HIGH |
| Use After Free vulnerability in Secomea SiteManager Embedded allows Obstruction. | |||||
| CVE-2022-41222 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2023-07-21 | N/A | 7.0 HIGH |
| mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. | |||||
| CVE-2023-35693 | 1 Google | 1 Android | 2023-07-20 | N/A | 6.7 MEDIUM |
| In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-2763 | 1 3ds | 1 3dexperience Solidworks | 2023-07-20 | N/A | 7.8 HIGH |
| Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file. | |||||
| CVE-2023-2762 | 1 3ds | 1 3dexperience Solidworks | 2023-07-20 | N/A | 7.8 HIGH |
| A Use-After-Free vulnerability in SLDPRT file reading procedure exists in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted SLDPRT file. | |||||
| CVE-2018-5873 | 2 Google, Linux | 2 Android, Linux Kernel | 2023-07-19 | 6.9 MEDIUM | 7.0 HIGH |
| An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05. | |||||
| CVE-2023-1902 | 1 Zephyrproject | 1 Zephyr | 2023-07-17 | N/A | 8.0 HIGH |
| The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer. | |||||
| CVE-2023-20893 | 1 Vmware | 1 Vcenter Server | 2023-07-13 | N/A | 9.8 CRITICAL |
| The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server. | |||||
| CVE-2021-32495 | 1 Radare | 1 Radare2 | 2023-07-13 | N/A | 9.1 CRITICAL |
| Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service. | |||||