Vulnerabilities (CVE)

Filtered by CWE-416
Total 5639 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-6705 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-6704 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)
CVE-2023-6703 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-6510 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
CVE-2023-6509 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: High)
CVE-2023-6508 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Media Stream in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-6351 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)
CVE-2023-6350 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)
CVE-2023-6346 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in WebAudio in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-6207 2 Debian, Mozilla 4 Debian Linux, Firefox, Firefox Esr and 1 more 2024-11-21 N/A 8.8 HIGH
Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVE-2023-6205 2 Debian, Mozilla 4 Debian Linux, Firefox, Firefox Esr and 1 more 2024-11-21 N/A 6.5 MEDIUM
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVE-2023-6112 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-6039 1 Linux 1 Linux Kernel 2024-11-21 N/A 5.5 MEDIUM
A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches.
CVE-2023-5997 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-5996 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-5728 2 Debian, Mozilla 4 Debian Linux, Firefox, Firefox Esr and 1 more 2024-11-21 N/A 7.5 HIGH
During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
CVE-2023-5633 2 Linux, Redhat 22 Linux Kernel, Codeready Linux Builder, Codeready Linux Builder Eus and 19 more 2024-11-21 N/A 7.8 HIGH
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
CVE-2023-5574 2 Redhat, X.org 2 Enterprise Linux, X Server 2024-11-21 N/A 7.0 HIGH
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service.
CVE-2023-5535 2 Fedoraproject, Vim 2 Fedora, Vim 2024-11-21 N/A 7.8 HIGH
Use After Free in GitHub repository vim/vim prior to v9.0.2010.
CVE-2023-5473 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 N/A 6.3 MEDIUM
Use after free in Cast in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)