Vulnerabilities > Use After Free
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-09 | CVE-2022-43552 | Use After Free vulnerability in multiple products A use after free vulnerability exists in curl <7.87.0. | 5.9 |
| 2023-02-08 | CVE-2023-0215 | Use After Free vulnerability in multiple products The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. | 7.5 |
| 2023-02-07 | CVE-2023-0699 | Use After Free vulnerability in Google Chrome Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. | 8.8 |
| 2023-02-06 | CVE-2023-20608 | Use After Free vulnerability in Google Android 11.0/12.0/13.0 In display drm, there is a possible use after free due to a race condition. | 6.4 |
| 2023-02-02 | CVE-2023-25012 | Use After Free vulnerability in Linux Kernel The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long. | 4.6 |
| 2023-01-30 | CVE-2023-0240 | Use After Free vulnerability in Linux Kernel There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this case the function will use the init_cred or the previous linked requests identity to do operations instead of using the current identity. | 7.8 |
| 2023-01-30 | CVE-2023-0266 | Use After Free vulnerability in Linux Kernel A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. | 7.8 |
| 2023-01-30 | CVE-2023-0471 | Use After Free vulnerability in Google Chrome Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-01-30 | CVE-2023-0472 | Use After Free vulnerability in Google Chrome Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-01-30 | CVE-2023-0474 | Use After Free vulnerability in Google Chrome Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. | 8.8 |