Total
5965 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4921 | 3 Debian, Linux, Redhat | 10 Debian Linux, Linux Kernel, Enterprise Linux and 7 more | 2025-02-13 | 7.8 High |
| A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue(). We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8. | ||||
| CVE-2023-4622 | 3 Debian, Linux, Redhat | 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more | 2025-02-13 | 7.8 High |
| A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c. | ||||
| CVE-2023-46246 | 1 Vim | 1 Vim | 2025-02-13 | 4 Medium |
| Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068. | ||||
| CVE-2024-6293 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2025-02-13 | 7.5 High |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-6292 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2025-02-13 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-6291 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 7.5 High |
| Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-6290 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 7.5 High |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-6103 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5847 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | ||||
| CVE-2024-5846 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | ||||
| CVE-2024-5845 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | ||||
| CVE-2024-5842 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 7.5 High |
| Use after free in Browser UI in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-5841 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-5832 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5831 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5498 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 5.4 Medium |
| Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5496 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5495 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2025-02-13 | 7.5 High |
| Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5494 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2025-02-13 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5157 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||