Total
5657 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-44323 | 1 Microsoft | 1 Edge Chromium | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44095 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 7.5 HIGH |
| Use-After-Free (UAF) vulnerability in the surfaceflinger module.Successful exploitation of this vulnerability can cause system crash. | |||||
| CVE-2023-43514 | 1 Qualcomm | 166 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 163 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP. | |||||
| CVE-2023-42950 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-21 | N/A | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2023-42892 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.8 HIGH |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A local attacker may be able to elevate their privileges. | |||||
| CVE-2023-42870 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | N/A | 7.8 HIGH |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-42722 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In camera service, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed | |||||
| CVE-2023-42482 | 1 Samsung | 2 Exynos 2200, Exynos 2200 Firmware | 2024-11-21 | N/A | 4.7 MEDIUM |
| Samsung Mobile Processor Exynos 2200 allows a GPU Use After Free. | |||||
| CVE-2023-42365 | 1 Busybox | 1 Busybox | 2024-11-21 | N/A | 5.5 MEDIUM |
| A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. | |||||
| CVE-2023-42364 | 1 Busybox | 1 Busybox | 2024-11-21 | N/A | 5.5 MEDIUM |
| A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function. | |||||
| CVE-2023-42363 | 1 Busybox | 1 Busybox | 2024-11-21 | N/A | 5.5 MEDIUM |
| A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. | |||||
| CVE-2023-42104 | 2024-11-21 | N/A | 7.8 HIGH | ||
| Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AR files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-20630. | |||||
| CVE-2023-42103 | 2024-11-21 | N/A | 7.8 HIGH | ||
| Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AR files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-20660. | |||||
| CVE-2023-42098 | 2024-11-21 | N/A | 3.3 LOW | ||
| Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22037. | |||||
| CVE-2023-42097 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2024-11-21 | N/A | 7.8 HIGH |
| Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21902. | |||||
| CVE-2023-42096 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2024-11-21 | N/A | 7.8 HIGH |
| Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21880. | |||||
| CVE-2023-42094 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2024-11-21 | N/A | 7.8 HIGH |
| Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21873. | |||||
| CVE-2023-42093 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2024-11-21 | N/A | 3.3 LOW |
| Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21869. | |||||
| CVE-2023-42092 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2024-11-21 | N/A | 7.8 HIGH |
| Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21676. | |||||
| CVE-2023-42091 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2024-11-21 | N/A | 7.8 HIGH |
| Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21601. | |||||