Export limit exceeded: 10609 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8207 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-33027 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c. | ||||
| CVE-2022-33025 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c. | ||||
| CVE-2022-32962 | 1 Hinet | 1 Hicos Natural Person Credential Component Client | 2024-11-21 | 6.8 Medium |
| HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service. | ||||
| CVE-2022-32746 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2024-11-21 | 5.4 Medium |
| A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl. | ||||
| CVE-2022-32414 | 1 F5 | 1 Njs | 2024-11-21 | 5.5 Medium |
| Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c. | ||||
| CVE-2022-32317 | 1 Mplayerhq | 1 Mplayer | 2024-11-21 | 5.5 Medium |
| The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call. Note: This has been disputed by third parties as invalid and not reproduceable. | ||||
| CVE-2022-32293 | 2 Debian, Intel | 2 Debian Linux, Connman | 2024-11-21 | 8.1 High |
| In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution. | ||||
| CVE-2022-32250 | 5 Debian, Fedoraproject, Linux and 2 more | 20 Debian Linux, Fedora, Linux Kernel and 17 more | 2024-11-21 | 7.8 High |
| net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | ||||
| CVE-2022-32091 | 4 Debian, Fedoraproject, Mariadb and 1 more | 5 Debian Linux, Fedora, Mariadb and 2 more | 2024-11-21 | 7.5 High |
| MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. | ||||
| CVE-2022-32081 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc. | ||||
| CVE-2022-31614 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 7 High |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure. | ||||
| CVE-2022-31307 | 1 F5 | 1 Njs | 2024-11-21 | 5.5 Medium |
| Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c. | ||||
| CVE-2022-31306 | 1 F5 | 1 Njs | 2024-11-21 | 5.5 Medium |
| Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c. | ||||
| CVE-2022-31291 | 2 Debian, Genivi | 2 Debian Linux, Diagnostic Log And Trace | 2024-11-21 | 7.5 High |
| An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets. | ||||
| CVE-2022-30065 | 2 Busybox, Siemens | 13 Busybox, Scalance Sc622-2c, Scalance Sc622-2c Firmware and 10 more | 2024-11-21 | 7.8 High |
| A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. | ||||
| CVE-2022-2982 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.0260. | ||||
| CVE-2022-2978 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 7.8 High |
| A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | ||||
| CVE-2022-2977 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
| A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system. | ||||
| CVE-2022-2961 | 3 Fedoraproject, Linux, Netapp | 12 Fedora, Linux Kernel, H300s and 9 more | 2024-11-21 | 7.0 High |
| A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2022-2959 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2024-11-21 | 7.0 High |
| A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system. | ||||