Total
5622 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0971 | 3 Apple, Google, Linux | 4 Macos, Android, Chrome and 1 more | 2024-11-21 | N/A | 8.8 HIGH |
| Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0934 | 2 Redhat, Thekelleys | 2 Enterprise Linux, Dnsmasq | 2024-11-21 | N/A | 7.5 HIGH |
| A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service. | |||||
| CVE-2022-0849 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6. | |||||
| CVE-2022-0808 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. | |||||
| CVE-2022-0805 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. | |||||
| CVE-2022-0798 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | |||||
| CVE-2022-0796 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0794 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0793 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension. | |||||
| CVE-2022-0791 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions. | |||||
| CVE-2022-0790 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
| Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2022-0699 | 1 Osgeo | 1 Shapelib | 2024-11-21 | N/A | 9.8 CRITICAL |
| A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc. | |||||
| CVE-2022-0646 | 2 Linux, Netapp | 17 Linux Kernel, H300e, H300e Firmware and 14 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device. A local user could use this flaw to crash the system or escalate their privileges on the system. It is actual from Linux Kernel 5.17-rc1 (when mctp-serial.c introduced) till 5.17-rc5. | |||||
| CVE-2022-0615 | 1 Eset | 2 Endpoint Antivirus, Server Security | 2024-11-21 | 7.8 HIGH | 5.9 MEDIUM |
| Use-after-free in eset_rtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system. | |||||
| CVE-2022-0607 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0606 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0605 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0603 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0581 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2024-11-21 | 5.0 MEDIUM | 6.3 MEDIUM |
| Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0559 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. | |||||