Export limit exceeded: 336643 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (7030 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-2135 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-02-13 | 7.5 High |
| Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-20893 | 1 Vmware | 1 Vcenter Server | 2025-02-13 | 8.1 High |
| The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server. | ||||
| CVE-2023-1818 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2023-1815 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2023-1811 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-1533 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-1531 | 3 Chromium, Fedoraproject, Google | 3 Chromium, Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-1528 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-0941 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2023-0932 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-02-13 | 8.8 High |
| Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-0931 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-0929 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-0928 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-0927 | 1 Google | 2 Android, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-0461 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2025-02-13 | 7.8 High |
| There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c | ||||
| CVE-2022-4924 | 1 Google | 1 Chrome | 2025-02-13 | 9.6 Critical |
| Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-4921 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2022-4919 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-4918 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-4916 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||