Skip to main content

Use After Free

6128 CVEs technique

Monthly

CVE-2022-30648 HIGH PATCH This Week

Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Adobe Illustrator
NVD
CVSS 3.0
7.8
EPSS
2.4%
CVE-2022-30647 HIGH PATCH This Week

Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Adobe Illustrator
NVD
CVSS 3.0
7.8
EPSS
2.4%
CVE-2022-28849 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2022-28842 HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Adobe Bridge
NVD
CVSS 3.0
7.8
EPSS
2.9%
CVE-2022-20185 MEDIUM This Month

In TBD of TBD, there is a possible use after free bug. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Privilege Escalation Google Use After Free Denial Of Service +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-21504 MEDIUM PATCH This Month

The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-22090 HIGH This Week

Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow Use After Free Denial Of Service +23
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22071 HIGH KEV PATCH THREAT This Week

Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Qualcomm Use After Free Apq8053 Firmware +89
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-22068 HIGH PATCH This Week

kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Qualcomm Use After Free Information Disclosure Apq8053 Firmware +115
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-29522 HIGH This Week

Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption RCE Use After Free V Server +1
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-2042 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Vim macOS
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-29227 HIGH PATCH This Week

Envoy is a cloud-native high-performance edge/middle/service proxy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-1998 HIGH PATCH This Week

A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-21745 HIGH This Week

In WIFI Firmware, there is a possible memory corruption due to a use after free. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow Use After Free Denial Of Service +1
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-32250 HIGH POC PATCH This Week

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Memory Corruption Use After Free Linux Linux Kernel +7
NVD GitHub
CVSS 3.1
7.8
EPSS
2.9%
CVE-2022-29692 HIGH POC This Week

Unicorn Engine v1.0.3 was discovered to contain a use-after-free vulnerability via the hook function. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure Unicorn Engine
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-1968 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Vim Debian Linux +1
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-1652 HIGH This Week

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Linux Use After Free Denial Of Service +8
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-1419 HIGH This Week

The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Linux Kernel Debian Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-1934 HIGH POC PATCH This Week

Use After Free in GitHub repository mruby/mruby prior to 3.2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Mruby
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-1898 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Vim Fedora +2
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-26757 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Use After Free Denial Of Service +6
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2022-26702 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Use After Free Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-1882 HIGH PATCH This Week

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +8
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-1796 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2.4979. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Vim
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-28350 CRITICAL Act Now

Arm Mali GPU Kernel Driver allows improper GPU operations in Valhall r29p0 through r36p0 before r37p0 to reach a use-after-free situation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Valhall Gpu Kernel Driver
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-28349 CRITICAL Act Now

Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Bifrost Gpu Kernel Driver Midguard Gpu Kernel Driver +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-28348 CRITICAL Act Now

Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Bifrost Gpu Kernel Driver Midgard Gpu Kernel Driver +1
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-1734 HIGH POC PATCH This Week

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware. Rated high severity (CVSS 7.0). Public exploit code available.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +9
NVD GitHub
CVSS 3.1
7.0
EPSS
0.5%
CVE-2022-30065 HIGH POC This Week

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption RCE Busybox +6
NVD VulDB
CVSS 3.1
7.8
EPSS
1.2%
CVE-2022-1795 CRITICAL POC PATCH Act Now

Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Gpac
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-28192 MEDIUM PATCH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. Rated medium severity (CVSS 4.1). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Nvidia Use After Free Virtual Gpu
NVD
CVSS 3.1
4.1
EPSS
0.2%
CVE-2022-1679 HIGH PATCH This Week

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +9
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-22252 HIGH This Week

The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Emui Harmonyos +1
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-29794 CRITICAL Act Now

The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free Emui Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-28824 HIGH This Week

Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Framemaker
NVD
CVSS 3.0
7.8
EPSS
2.6%
CVE-2022-28823 HIGH This Week

Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Framemaker
NVD
CVSS 3.0
7.8
EPSS
2.6%
CVE-2022-22260 CRITICAL Act Now

The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2022-28838 HIGH This Week

Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2022-28837 MEDIUM This Month

Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe Information Disclosure Acrobat Dc +3
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2022-28269 LOW Monitor

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe Information Disclosure Acrobat Dc +3
NVD
CVSS 3.0
3.3
EPSS
10.7%
CVE-2022-28256 MEDIUM This Month

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe Information Disclosure Acrobat Dc +3
NVD
CVSS 3.1
5.5
EPSS
2.4%
CVE-2022-28250 MEDIUM This Month

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe Information Disclosure Acrobat Dc +3
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2022-28242 HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2022-28240 HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
12.5%
CVE-2022-28238 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
11.9%
CVE-2022-28237 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-28235 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-28233 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-28232 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-28230 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-27802 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27801 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27800 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27799 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
17.2%
CVE-2022-27797 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27796 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-27795 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27790 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
11.9%
CVE-2022-27789 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.6%
CVE-2022-27786 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.1%
CVE-2022-27785 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-24104 HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
11.1%
CVE-2022-24103 HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.4%
CVE-2022-24102 HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
12.6%
CVE-2022-24101 LOW Monitor

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe Information Disclosure Acrobat Dc +3
NVD
CVSS 3.0
3.3
EPSS
1.8%
CVE-2022-1616 HIGH POC PATCH This Week

Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Vim Fedora +2
NVD GitHub
CVSS 3.1
7.8
EPSS
2.6%
CVE-2022-28279 HIGH This Week

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Photoshop
NVD
CVSS 3.0
7.8
EPSS
2.8%
CVE-2022-28271 HIGH This Week

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Photoshop
NVD
CVSS 3.0
7.8
EPSS
3.2%
CVE-2022-1516 MEDIUM PATCH This Month

A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-1114 HIGH This Week

A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free Information Disclosure Imagemagick
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2022-1048 HIGH PATCH This Week

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +10
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-1444 MEDIUM POC PATCH This Month

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Radare2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.8%
CVE-2022-28042 HIGH POC PATCH This Week

stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Use After Free Information Disclosure Stb Image H Fedora +1
NVD GitHub
CVSS 3.1
8.8
EPSS
1.6%
CVE-2022-27007 CRITICAL POC PATCH Act Now

nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved with njs_function_frame_save(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Use After Free Nginx Information Disclosure Njs
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2022-27457 HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-27456 HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2022-27455 HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-27447 HIGH POC This Week

MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-1280 MEDIUM This Month

A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. Rated medium severity (CVSS 6.3). No vendor patch available.

Denial Of Service Memory Corruption Use After Free Linux Linux Kernel +1
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2022-27383 HIGH POC This Week

MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2022-27377 HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2022-27376 HIGH POC This Week

MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure MariaDB Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-24070 HIGH This Week

Subversion's mod_dav_svn is vulnerable to memory corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Buffer Overflow Subversion Debian Linux +2
NVD
CVSS 3.1
7.5
EPSS
9.3%
CVE-2022-27528 HIGH This Week

A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Navisworks
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-25789 HIGH This Week

A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Advance Steel Autocad +8
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2022-20062 MEDIUM This Month

In mdp, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow Use After Free Denial Of Service +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20052 MEDIUM This Month

In mdp, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow Use After Free Denial Of Service +1
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2022-28893 HIGH PATCH This Week

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux Linux Kernel +12
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-1284 MEDIUM POC PATCH This Month

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free Radare2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.8%
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +2
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In TBD of TBD, there is a possible use after free bug. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Privilege Escalation Google +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow +25
NVD
EPSS 0% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Qualcomm +91
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Qualcomm Use After Free +117
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption RCE +3
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free +2
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Envoy is a cloud-native high-performance edge/middle/service proxy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Use After Free +9
NVD
EPSS 0% CVSS 8.8
HIGH This Week

In WIFI Firmware, there is a possible memory corruption due to a use after free. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow +3
NVD
EPSS 3% CVSS 7.8
HIGH POC PATCH This Week

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Memory Corruption Use After Free +9
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

Unicorn Engine v1.0.3 was discovered to contain a use-after-free vulnerability via the hook function. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free +3
NVD GitHub
EPSS 1% CVSS 7.8
HIGH This Week

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Linux +10
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Use After Free in GitHub repository mruby/mruby prior to 3.2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free +4
NVD GitHub
EPSS 3% CVSS 7.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +8
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +10
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 8.2.4979. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Arm Mali GPU Kernel Driver allows improper GPU operations in Valhall r29p0 through r36p0 before r37p0 to reach a use-after-free situation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +3
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware. Rated high severity (CVSS 7.0). Public exploit code available.

Denial Of Service Memory Corruption Use After Free +11
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +8
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free +1
NVD GitHub
EPSS 0% CVSS 4.1
MEDIUM PATCH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. Rated medium severity (CVSS 4.1). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Nvidia +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +11
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +2
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe +5
NVD
EPSS 11% CVSS 3.3
LOW Monitor

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe +5
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe +5
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe +5
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 12% CVSS 7.8
HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 12% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 13% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 13% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 13% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 17% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 13% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 12% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 12% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 13% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 11% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 13% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 2% CVSS 3.3
LOW Monitor

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe +5
NVD
EPSS 3% CVSS 7.8
HIGH POC PATCH This Week

Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free +4
NVD GitHub
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +3
NVD
EPSS 1% CVSS 7.1
HIGH This Week

A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +12
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free +1
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Use After Free Information Disclosure +3
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved with njs_function_frame_save(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Use After Free Nginx +2
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure +1
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure +1
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. Rated medium severity (CVSS 6.3). No vendor patch available.

Denial Of Service Memory Corruption Use After Free +3
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 9% CVSS 7.5
HIGH This Week

Subversion's mod_dav_svn is vulnerable to memory corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Buffer Overflow +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +1
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +10
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In mdp, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow +3
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

In mdp, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free +14
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free +1
NVD GitHub
Prev Page 45 of 69 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy