Total
6346 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-22615 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 7.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-22614 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 7.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-22590 | 3 Apple, Redhat, Webkitgtk | 9 Ipados, Iphone Os, Macos and 6 more | 2024-11-21 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-22533 | 1 Sap | 1 Netweaver Application Server Java | 2024-11-21 | 7.5 High |
| Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable. | ||||
| CVE-2022-22260 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.1 Critical |
| The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. | ||||
| CVE-2022-22252 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.5 High |
| The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability. | ||||
| CVE-2022-22207 | 1 Juniper | 18 Junos, Mx10, Mx10000 and 15 more | 2024-11-21 | 7.5 High |
| A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2. | ||||
| CVE-2022-22097 | 1 Qualcomm | 16 Qcs410, Qcs410 Firmware, Qcs610 and 13 more | 2024-11-21 | 8.4 High |
| Memory corruption in graphic driver due to use after free while calling multiple threads application to driver. in Snapdragon Consumer IOT | ||||
| CVE-2022-22095 | 1 Qualcomm | 98 Apq8053, Apq8053 Firmware, Msm8953 and 95 more | 2024-11-21 | 8.4 High |
| Memory corruption in synx driver due to use-after-free condition in the synx driver due to accessing object handles without acquiring lock in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2022-22092 | 1 Qualcomm | 105 Ar8035, Ar8035 Firmware, Qca6390 and 102 more | 2024-11-21 | 7.8 High |
| Memory corruption in kernel due to use after free issue in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2022-22090 | 1 Qualcomm | 45 Sd865 5g, Sd865 5g Firmware, Sd888 5g and 42 more | 2024-11-21 | 8.4 High |
| Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | ||||
| CVE-2022-22068 | 1 Qualcomm | 232 Apq8053, Apq8053 Firmware, Aqt1000 and 229 more | 2024-11-21 | 8.4 High |
| kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||||
| CVE-2022-21745 | 2 Google, Mediatek | 44 Android, Mt6761, Mt6762 and 41 more | 2024-11-21 | 8.8 High |
| In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872. | ||||
| CVE-2022-21504 | 1 Oracle | 1 Linux | 2024-11-21 | 5.5 Medium |
| The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attack with local access can operate on the socket, and cause a denial of service. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | ||||
| CVE-2022-20421 | 2 Debian, Google | 2 Debian Linux, Android | 2024-11-21 | 7.8 High |
| In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel | ||||
| CVE-2022-20409 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In io_identity_cow of io_uring.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238177383References: Upstream kernel | ||||
| CVE-2022-20379 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In lwis_buffer_alloc of lwis_buffer.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-209436980References: N/A | ||||
| CVE-2022-20372 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In exynos5_i2c_irq of (TBD), there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195480799References: N/A | ||||
| CVE-2022-20325 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Media, there is a possible code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-186473060 | ||||
| CVE-2022-20306 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In Camera Provider HAL, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199680794 | ||||