Total
6333 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-47075 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 28.0 (and earlier) and 27.9 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-47055 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-46769 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Use-After-Free (UAF) vulnerability in the dubai module. Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-46768 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally. | ||||
| CVE-2023-46751 | 2 Artifex, Redhat | 2 Ghostscript, Enterprise Linux | 2024-11-21 | 7.5 High |
| An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. | ||||
| CVE-2023-46362 | 1 Jbig2enc Project | 1 Jbig2enc | 2024-11-21 | 5.5 Medium |
| jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2enc_auto_threshold_using_hash in src/jbig2enc.cc. | ||||
| CVE-2023-46156 | 1 Siemens | 145 Simatic Drive Controller Cpu 1504d Tf, Simatic Drive Controller Cpu 1504d Tf Firmware, Simatic Drive Controller Cpu 1507d Tf and 142 more | 2024-11-21 | 7.5 High |
| Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations. | ||||
| CVE-2023-45322 | 1 Xmlsoft | 1 Libxml2 | 2024-11-21 | 6.5 Medium |
| libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail." | ||||
| CVE-2023-44361 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 5.5 Medium |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-44336 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 7.8 High |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-44328 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-11-21 | 5.5 Medium |
| Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-44323 | 1 Microsoft | 1 Edge Chromium | 2024-11-21 | 5.5 Medium |
| Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-44095 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Use-After-Free (UAF) vulnerability in the surfaceflinger module.Successful exploitation of this vulnerability can cause system crash. | ||||
| CVE-2023-42892 | 1 Apple | 1 Macos | 2024-11-21 | 7.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A local attacker may be able to elevate their privileges. | ||||
| CVE-2023-42870 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | 7.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-42722 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 6.7 Medium |
| In camera service, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed | ||||
| CVE-2023-42482 | 1 Samsung | 2 Exynos 2200, Exynos 2200 Firmware | 2024-11-21 | 4.7 Medium |
| Samsung Mobile Processor Exynos 2200 allows a GPU Use After Free. | ||||
| CVE-2023-42365 | 1 Busybox | 1 Busybox | 2024-11-21 | 5.5 Medium |
| A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. | ||||
| CVE-2023-42364 | 1 Busybox | 1 Busybox | 2024-11-21 | 5.5 Medium |
| A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function. | ||||
| CVE-2023-42363 | 1 Busybox | 1 Busybox | 2024-11-21 | 5.5 Medium |
| A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. | ||||