Total
7141 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27969 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-01-29 | 7.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-31974 | 1 Tortall | 1 Yasm | 2025-01-28 | 5.5 Medium |
| yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy. | ||||
| CVE-2022-48386 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 4.4 Medium |
| the apipe driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2023-43543 | 1 Qualcomm | 32 Qam8255p, Qam8255p Firmware, Qam8775p and 29 more | 2025-01-27 | 6.7 Medium |
| Memory corruption in Audio during a playback or a recording due to race condition between allocation and deallocation of graph object. | ||||
| CVE-2023-43544 | 1 Qualcomm | 54 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 51 more | 2025-01-27 | 6.7 Medium |
| Memory corruption when IPC callback handle is used after it has been released during register callback by another thread. | ||||
| CVE-2022-30539 | 1 Intel | 106 Xeon Gold 5315y, Xeon Gold 5315y Firmware, Xeon Gold 5317 and 103 more | 2025-01-27 | 7.5 High |
| Use after free in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-31566 | 1 Podofo Project | 1 Podofo | 2025-01-27 | 8.8 High |
| Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted(). | ||||
| CVE-2022-29919 | 1 Intel | 1 Virtual Raid On Cpu | 2025-01-27 | 7.8 High |
| Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-22180 | 1 Openatom | 1 Openharmony | 2025-01-27 | 3.3 Low |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free. | ||||
| CVE-2023-25006 | 1 Autodesk | 1 3ds Max Usd | 2025-01-24 | 7.8 High |
| A malicious actor may convince a user to open a malicious USD file that may trigger a use-after-free vulnerability which could result in code execution. | ||||
| CVE-2024-28951 | 1 Openatom | 1 Openharmony | 2025-01-24 | 5.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | ||||
| CVE-2023-28308 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28307 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28306 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28223 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2025-01-23 | 6.6 Medium |
| Windows Domain Name Service Remote Code Execution Vulnerability | ||||
| CVE-2023-28305 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28297 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 7 more | 2025-01-23 | 8.8 High |
| Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability | ||||
| CVE-2023-24914 | 1 Microsoft | 1 Windows 11 22h2 | 2025-01-23 | 7 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2023-2203 | 2 Redhat, Webkitgtk | 5 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server Aus and 2 more | 2025-01-22 | 8.8 High |
| A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. | ||||
| CVE-2023-31725 | 1 Yasm Project | 1 Yasm | 2025-01-22 | 5.5 Medium |
| yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c. | ||||