CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-47967 119 Exec Code Overflow Mem. Corr. 2023-01-10 2023-01-17
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability has been identified in Solid Edge (All versions < V2023 MP1). The DOCMGMT.DLL contains a memory corruption vulnerability that could be triggered while parsing files in different file formats such as PAR, ASM, DFT. This could allow an attacker to execute code in the context of the current process.
2 CVE-2022-47935 119 Exec Code Overflow Mem. Corr. 2023-01-10 2023-01-17
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19078)
3 CVE-2022-46885 787 Mem. Corr. 2022-12-22 2023-01-04
0.0
None ??? ??? ??? ??? ??? ???
Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106.
4 CVE-2022-46883 Mem. Corr. 2022-12-22 2023-01-04
0.0
None ??? ??? ??? ??? ??? ???
Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.<br />*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107.
5 CVE-2022-46881 Mem. Corr. 2022-12-22 2023-01-04
0.0
None ??? ??? ??? ??? ??? ???
An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6.
6 CVE-2022-46879 Mem. Corr. 2022-12-22 2023-01-04
0.0
None ??? ??? ??? ??? ??? ???
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108.
7 CVE-2022-46878 Mem. Corr. 2022-12-22 2023-01-04
0.0
None ??? ??? ??? ??? ??? ???
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.
8 CVE-2022-46700 787 Exec Code Mem. Corr. 2022-12-15 2023-01-09
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
9 CVE-2022-46699 787 Exec Code Mem. Corr. 2022-12-15 2023-01-09
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
10 CVE-2022-46696 787 Exec Code Mem. Corr. 2022-12-15 2023-01-09
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
11 CVE-2022-45869 362 DoS Mem. Corr. 2022-11-30 2022-12-05
0.0
None ??? ??? ??? ??? ??? ???
A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.
12 CVE-2022-45421 Mem. Corr. 2022-12-22 2023-01-04
0.0
None ??? ??? ??? ??? ??? ???
Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
13 CVE-2022-44898 787 DoS Mem. Corr. 2022-12-14 2022-12-16
0.0
None ??? ??? ??? ??? ??? ???
The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to IOCTL 0x80102040, 0x80102044, 0x80102050, and 0x80102054, allowing attackers to trigger a memory corruption and cause a Denial of Service (DoS) or escalate privileges via crafted IOCTL requests.
14 CVE-2022-44789 119 Exec Code Overflow Mem. Corr. 2022-11-23 2022-12-20
0.0
None ??? ??? ??? ??? ??? ???
A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.
15 CVE-2022-44650 787 Exec Code Mem. Corr. 2022-12-12 2022-12-13
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
16 CVE-2022-43598 122 Exec Code Mem. Corr. 2022-12-22 2022-12-30
0.0
None ??? ??? ??? ??? ??? ???
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`.
17 CVE-2022-43597 122 Exec Code Mem. Corr. 2022-12-22 2022-12-30
0.0
None ??? ??? ??? ??? ??? ???
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT8`.
18 CVE-2022-42944 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
19 CVE-2022-42943 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
20 CVE-2022-42942 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
21 CVE-2022-42941 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
22 CVE-2022-42940 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
23 CVE-2022-42939 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
24 CVE-2022-42938 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
25 CVE-2022-42937 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
26 CVE-2022-42936 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
27 CVE-2022-42935 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
28 CVE-2022-42934 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
29 CVE-2022-42933 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
30 CVE-2022-42932 Mem. Corr. 2022-12-22 2023-01-04
0.0
None ??? ??? ??? ??? ??? ???
Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.
31 CVE-2022-42928 Mem. Corr. 2022-12-22 2023-01-04
0.0
None ??? ??? ??? ??? ??? ???
Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.
32 CVE-2022-42863 787 Exec Code Mem. Corr. 2022-12-15 2023-01-09
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
33 CVE-2022-42820 Exec Code Mem. Corr. 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may cause unexpected app termination or arbitrary code execution.
34 CVE-2022-42775 667 DoS Mem. Corr. 2022-12-06 2022-12-08
0.0
None ??? ??? ??? ??? ??? ???
In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.
35 CVE-2022-42754 416 DoS Mem. Corr. 2022-12-06 2022-12-07
0.0
None ??? ??? ??? ??? ??? ???
In npu driver, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel.
36 CVE-2022-42519 787 Exec Code Mem. Corr. 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242540694References: N/A
37 CVE-2022-42377 Exec Code Mem. Corr. 2023-01-26 2023-01-26
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18630.
38 CVE-2022-42309 763 Mem. Corr. 2022-11-01 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain.
39 CVE-2022-41992 787 Mem. Corr. 2022-12-16 2022-12-22
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO 8.3. A specially-crafted file can lead to an out-of-bounds write. A victim needs to open a malicious file to trigger this vulnerability.
40 CVE-2022-41837 787 Mem. Corr. 2022-12-22 2022-12-30
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially-crafted exif metadata can lead to stack-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
41 CVE-2022-41745 125 Exec Code Mem. Corr. 2022-10-10 2022-10-11
0.0
None ??? ??? ??? ??? ??? ???
An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
42 CVE-2022-41686 125 Mem. Corr. 2022-10-14 2022-10-17
0.0
None ??? ??? ??? ??? ??? ???
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.
43 CVE-2022-41639 122 Exec Code Overflow Mem. Corr. 2022-12-22 2023-01-06
0.0
None ??? ??? ??? ??? ??? ???
A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
44 CVE-2022-41310 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
45 CVE-2022-41309 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
46 CVE-2022-41308 787 Exec Code Mem. Corr. 2022-10-14 2022-10-19
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
47 CVE-2022-41307 787 Exec Code Mem. Corr. 2022-10-14 2022-10-19
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
48 CVE-2022-41306 787 Exec Code Mem. Corr. 2022-10-14 2022-10-19
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
49 CVE-2022-41305 787 Exec Code Mem. Corr. 2022-10-14 2022-10-18
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
50 CVE-2022-41301 787 Exec Code Mem. Corr. 2022-10-03 2022-12-09
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.