# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2023-22402 |
416 |
|
DoS |
2023-01-13 |
2023-01-20 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there is a BGP neighbor flap of auto-discovery sessions for any reason. This is a race condition which is outside of an attackers direct control and it depends on system internal timing whether this issue occurs. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO; 22.2 versions prior to 22.2R1-S1-EVO, 22.2R2-EVO. |
2 |
CVE-2023-21608 |
416 |
|
Exec Code |
2023-01-18 |
2023-01-26 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
3 |
CVE-2023-21601 |
416 |
|
Bypass |
2023-01-18 |
2023-01-25 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Adobe Dimension version 3.4.6 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
4 |
CVE-2023-21598 |
416 |
|
Bypass |
2023-01-13 |
2023-01-23 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
5 |
CVE-2023-0358 |
416 |
|
|
2023-01-18 |
2023-01-25 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. |
6 |
CVE-2023-0135 |
416 |
|
|
2023-01-10 |
2023-01-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption and a crafted HTML page. (Chromium security severity: Medium) |
7 |
CVE-2023-0134 |
416 |
|
|
2023-01-10 |
2023-01-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption and a crafted HTML page. (Chromium security severity: Medium) |
8 |
CVE-2023-0128 |
416 |
|
|
2023-01-10 |
2023-01-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
9 |
CVE-2022-47946 |
416 |
|
DoS |
2022-12-23 |
2023-01-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq. |
10 |
CVE-2022-47939 |
416 |
|
|
2022-12-23 |
2023-01-23 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT. |
11 |
CVE-2022-47093 |
416 |
|
|
2023-01-05 |
2023-01-11 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid |
12 |
CVE-2022-46891 |
416 |
|
+Priv |
2023-01-17 |
2023-01-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0. |
13 |
CVE-2022-46882 |
416 |
|
|
2022-12-22 |
2023-01-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6. |
14 |
CVE-2022-46880 |
416 |
|
|
2022-12-22 |
2023-01-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6. |
15 |
CVE-2022-46343 |
416 |
|
Exec Code |
2022-12-14 |
2022-12-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. |
16 |
CVE-2022-46342 |
416 |
|
|
2022-12-14 |
2022-12-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se |
17 |
CVE-2022-46311 |
416 |
|
|
2022-12-20 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity. |
18 |
CVE-2022-46282 |
416 |
|
Exec Code |
2022-12-21 |
2022-12-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Use after free vulnerability in CX-Drive V3.00 and earlier allows a local attacker to execute arbitrary code by having a user to open a specially crafted file, |
19 |
CVE-2022-45919 |
416 |
|
|
2022-11-27 |
2023-01-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event. |
20 |
CVE-2022-45474 |
416 |
|
|
2022-11-18 |
2022-11-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request. |
21 |
CVE-2022-45409 |
416 |
|
|
2022-12-22 |
2023-01-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
22 |
CVE-2022-45407 |
416 |
|
|
2022-12-22 |
2023-01-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
If an attacker loaded a font using <code>FontFace()</code> on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107. |
23 |
CVE-2022-45405 |
416 |
|
|
2022-12-22 |
2023-01-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Freeing arbitrary <code>nsIInputStream</code>'s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
24 |
CVE-2022-45343 |
416 |
|
|
2022-11-29 |
2022-12-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c. |
25 |
CVE-2022-45146 |
416 |
|
|
2022-11-21 |
2022-11-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module, resulting in errors or potential information loss. NOTE: FIPS compliant users are unaffected because the FIPS certification is only for Java 7, 8, and 11. |
26 |
CVE-2022-44547 |
416 |
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability. |
27 |
CVE-2022-43680 |
416 |
|
|
2022-10-24 |
2022-12-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. |
28 |
CVE-2022-43508 |
416 |
|
Exec Code |
2022-12-07 |
2022-12-09 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. |
29 |
CVE-2022-43286 |
416 |
|
|
2022-10-28 |
2022-10-31 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c. |
30 |
CVE-2022-43033 |
416 |
|
DoS |
2022-10-19 |
2022-10-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input. |
31 |
CVE-2022-42896 |
416 |
|
Exec Code |
2022-11-23 |
2022-11-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url |
32 |
CVE-2022-42867 |
416 |
|
Exec Code |
2022-12-15 |
2023-01-09 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. |
33 |
CVE-2022-42829 |
416 |
|
Exec Code |
2022-11-01 |
2023-01-09 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges. |
34 |
CVE-2022-42754 |
416 |
|
DoS Mem. Corr. |
2022-12-06 |
2022-12-07 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
In npu driver, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel. |
35 |
CVE-2022-42720 |
416 |
|
Exec Code |
2022-10-14 |
2022-11-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. |
36 |
CVE-2022-42719 |
416 |
|
Exec Code |
2022-10-13 |
2023-01-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. |
37 |
CVE-2022-42716 |
416 |
|
+Priv |
2022-12-12 |
2023-01-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0. |
38 |
CVE-2022-42705 |
416 |
|
DoS |
2022-12-05 |
2022-12-07 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription. |
39 |
CVE-2022-42703 |
416 |
|
|
2022-10-09 |
2022-12-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. |
40 |
CVE-2022-42520 |
416 |
|
|
2022-12-16 |
2022-12-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242994270References: N/A |
41 |
CVE-2022-41858 |
416 |
|
+Info |
2023-01-17 |
2023-01-23 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. |
42 |
CVE-2022-41663 |
416 |
|
Exec Code |
2022-11-08 |
2023-01-20 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. |
43 |
CVE-2022-41303 |
416 |
|
|
2022-10-14 |
2022-10-19 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system. |
44 |
CVE-2022-41285 |
416 |
|
Exec Code |
2022-12-13 |
2022-12-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. |
45 |
CVE-2022-41222 |
416 |
|
|
2022-09-21 |
2022-11-07 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. |
46 |
CVE-2022-41218 |
416 |
|
|
2022-09-21 |
2023-01-26 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. |
47 |
CVE-2022-40960 |
416 |
|
|
2022-12-22 |
2023-01-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. |
48 |
CVE-2022-40674 |
416 |
|
|
2022-09-14 |
2022-11-22 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. |
49 |
CVE-2022-40639 |
416 |
|
Exec Code |
2022-09-15 |
2022-09-19 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17207. |
50 |
CVE-2022-40638 |
416 |
|
Exec Code |
2022-09-15 |
2022-09-19 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X_B files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17102. |