Skip to main content

Use After Free

6128 CVEs technique

Monthly

CVE-2022-3449 HIGH This Week

Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-3448 HIGH This Week

Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-3445 HIGH This Week

Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3888 HIGH This Week

Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3887 HIGH This Week

Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3886 HIGH This Week

Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3885 HIGH This Week

Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-20447 MEDIUM This Month

In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow Information Disclosure Use After Free +2
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-32607 MEDIUM This Month

In aee, there is a possible use after free due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Use After Free Denial Of Service Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-41663 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-3659 HIGH This Week

Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-3658 HIGH POC This Week

Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-3657 HIGH This Week

Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-3654 HIGH This Week

Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
23.8%
CVE-2022-42829 MEDIUM This Month

A use after free issue was addressed with improved memory management. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +3
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2022-3314 MEDIUM This Month

Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-3311 MEDIUM This Month

Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-3309 MEDIUM POC This Month

Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-3306 HIGH This Week

Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-3305 HIGH This Week

Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-32922 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +4
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-32914 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-32903 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-26717 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption Microsoft RCE +8
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2022-26710 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +5
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-26709 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +6
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-3304 HIGH This Week

Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3370 HIGH This Week

Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-43286 CRITICAL POC PATCH Act Now

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Nginx Use After Free Njs
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-38181 HIGH POC KEV THREAT This Week

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free Bifrost Gpu Kernel Driver Midgard Gpu Kernel Driver +1
NVD GitHub
CVSS 3.1
8.8
EPSS
12.6%
CVE-2022-43680 HIGH POC This Week

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free Libexpat Debian Linux +10
NVD GitHub
CVSS 3.1
7.5
EPSS
2.3%
CVE-2022-39823 HIGH This Week

An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Use After Free Opc Opc Ua C Software Development Kit
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-3586 MEDIUM PATCH This Month

A flaw was found in the Linux kernel’s networking code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Linux Denial Of Service Use After Free Linux Kernel +1
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-43033 MEDIUM POC This Month

An issue was discovered in Bento4 1.6.0-639. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Bento4
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-25723 HIGH PATCH This Week

Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption Qualcomm Use After Free +8
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-25666 MEDIUM PATCH This Month

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption Qualcomm Use After Free +148
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-22077 HIGH PATCH This Week

Memory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Buffer Overflow Qualcomm Use After Free Sd 8 Gen1 5g Firmware +7
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-22208 MEDIUM This Month

A Use After Free vulnerability in the Routing Protocol Daemon (rdp) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Juniper Denial Of Service Use After Free Junos +1
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2022-0699 CRITICAL POC PATCH Act Now

A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Shapelib
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-38448 HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE Adobe Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-38447 HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE Adobe Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-38446 HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE Adobe Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-38445 HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE Adobe Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-38444 HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE Adobe Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-38442 HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE Adobe Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-38437 MEDIUM This Month

Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Adobe Use After Free Acrobat Dc +3
NVD
CVSS 3.1
5.5
EPSS
2.6%
CVE-2022-41303 HIGH PATCH This Week

A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Fbx Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-38983 CRITICAL Act Now

The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Emui Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-42720 HIGH POC PATCH This Week

Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Linux Code Injection Use After Free Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-42719 HIGH POC PATCH This Week

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Linux Denial Of Service Use After Free Linux Kernel +2
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-20421 HIGH PATCH This Week

In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Google Privilege Escalation Memory Corruption Use After Free +2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-20409 MEDIUM PATCH This Month

In io_identity_cow of io_uring.c, there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Google Privilege Escalation Memory Corruption Use After Free +1
NVD
CVSS 3.1
6.7
EPSS
0.6%
CVE-2022-42703 MEDIUM POC PATCH This Month

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Linux Use After Free Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
1.0%
CVE-2022-39853 HIGH This Week

A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-39847 MEDIUM This Month

Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Android
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2022-3352 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0614. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Vim Fedora +1
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40278 HIGH POC This Week

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Samsung Denial Of Service Use After Free Tizenrt
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-38222 HIGH POC This Week

There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Xpdf
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-22058 HIGH PATCH This Week

Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption Qualcomm Use After Free +79
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-3199 HIGH This Week

Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2022-3198 HIGH This Week

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3197 HIGH This Week

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3196 HIGH This Week

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-3058 HIGH PATCH This Week

Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3055 HIGH PATCH This Week

Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-3046 HIGH This Week

Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-3041 HIGH This Week

Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-3039 HIGH This Week

Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-3038 HIGH POC KEV THREAT This Week

Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
24.7%
CVE-2022-2998 HIGH This Week

Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome
NVD
CVSS 3.1
8.8
EPSS
30.3%
CVE-2022-2859 HIGH PATCH This Week

Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-2858 HIGH PATCH This Week

Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-2855 HIGH PATCH This Week

Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-2852 HIGH This Week

Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +1
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2022-3297 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0579. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Vim Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-22628 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +6
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-22624 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption RCE Use After Free +4
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-3256 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0530. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Vim Fedora +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41222 HIGH POC PATCH This Week

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. Rated high severity (CVSS 7.0). Public exploit code available.

Memory Corruption Information Disclosure Linux Use After Free Linux Kernel +3
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-41218 MEDIUM POC This Month

In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Linux Use After Free Linux Kernel +1
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2022-40009 CRITICAL POC Act Now

SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free Swftools
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-3239 HIGH PATCH This Week

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Linux Denial Of Service Use After Free Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-38425 MEDIUM PATCH This Month

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Denial Of Service Adobe Use After Free Bridge
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-35709 MEDIUM PATCH This Month

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Denial Of Service Adobe Use After Free Bridge
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-35704 HIGH PATCH This Week

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE Adobe Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-3235 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0490. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Vim Fedora +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-38434 HIGH This Week

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption RCE Adobe Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-38428 MEDIUM This Month

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Adobe Use After Free Photoshop
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-3176 HIGH PATCH This Week

There exists a use-after-free in io_uring in the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Linux Use After Free Linux Kernel +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-25693 HIGH PATCH This Week

Memory corruption in graphics due to use-after-free while graphics profiling in Snapdragon Connectivity, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Buffer Overflow Qualcomm Use After Free Sd 8 Gen1 5g Firmware +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
EPSS 0% CVSS 8.8
HIGH This Week

Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service +2
NVD VulDB
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service +2
NVD VulDB
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service +2
NVD VulDB
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service +3
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In aee, there is a possible use after free due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Use After Free Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 24% CVSS 8.8
HIGH This Week

Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A use after free issue was addressed with improved memory management. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption +5
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption +6
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption +6
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption +5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption +10
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption +7
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption +8
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Nginx +2
NVD GitHub
EPSS 13% CVSS 8.8
HIGH POC KEV THREAT This Week

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free +3
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free +12
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Use After Free +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A flaw was found in the Linux kernel’s networking code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Linux Denial Of Service +3
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in Bento4 1.6.0-639. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption +10
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption +150
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Buffer Overflow Qualcomm +9
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

A Use After Free vulnerability in the Routing Protocol Daemon (rdp) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Juniper Denial Of Service +3
NVD
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE +3
NVD
EPSS 3% CVSS 5.5
MEDIUM This Month

Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Adobe +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +2
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Linux Code Injection +4
NVD
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Linux Denial Of Service +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Google Privilege Escalation +4
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

In io_identity_cow of io_uring.c, there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Google Privilege Escalation +3
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Linux +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free +1
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0614. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free +3
NVD GitHub VulDB
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Samsung Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption +81
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 25% CVSS 8.8
HIGH POC KEV THREAT This Week

Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 30% CVSS 8.8
HIGH This Week

Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0579. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free +2
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption +8
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Memory Corruption +6
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0530. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free +3
NVD GitHub
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. Rated high severity (CVSS 7.0). Public exploit code available.

Memory Corruption Information Disclosure Linux +5
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Linux +3
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Linux Denial Of Service +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Denial Of Service Adobe +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Denial Of Service Adobe +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Memory Corruption RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0490. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free +3
NVD GitHub
EPSS 1% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption RCE +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Adobe +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

There exists a use-after-free in io_uring in the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Linux +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in graphics due to use-after-free while graphics profiling in Snapdragon Connectivity, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Buffer Overflow Qualcomm +16
NVD
Prev Page 42 of 69 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy