Vulnerabilities (CVE)

Filtered by CWE-416
Total 5622 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2603 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2602 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2024-11-21 N/A 5.3 MEDIUM
io_uring UAF, Unix SCM garbage collection
CVE-2022-2588 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2024-11-21 N/A 5.3 MEDIUM
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
CVE-2022-2585 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2024-11-21 N/A 5.3 MEDIUM
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
CVE-2022-2526 2 Netapp, Systemd Project 10 Active Iq Unified Manager, H300s, H300s Firmware and 7 more 2024-11-21 N/A 9.8 CRITICAL
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.
CVE-2022-2481 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction.
CVE-2022-2480 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2478 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2477 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2453 1 Gpac 1 Gpac 2024-11-21 N/A 7.8 HIGH
Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV.
CVE-2022-2399 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2345 2 Fedoraproject, Vim 2 Fedora, Vim 2024-11-21 6.8 MEDIUM 7.8 HIGH
Use After Free in GitHub repository vim/vim prior to 9.0.0046.
CVE-2022-2327 1 Linux 1 Linux Kernel 2024-11-21 N/A 7.5 HIGH
io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859
CVE-2022-2318 3 Debian, Linux, Netapp 12 Debian Linux, Linux Kernel, H300s and 9 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
CVE-2022-2296 2 Fedoraproject, Google 4 Extra Packages For Enterprise Linux, Fedora, Chrome and 1 more 2024-11-21 N/A 8.8 HIGH
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.
CVE-2022-2289 2 Fedoraproject, Vim 2 Fedora, Vim 2024-11-21 6.8 MEDIUM 7.8 HIGH
Use After Free in GitHub repository vim/vim prior to 9.0.
CVE-2022-2163 2 Fedoraproject, Google 3 Extra Packages For Enterprise Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
CVE-2022-2161 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
CVE-2022-2158 2 Fedoraproject, Google 3 Extra Packages For Enterprise Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2157 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.