• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-416

CVE-2022-3198

February 23, 2023 by godfreyd94

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

CVE-2022-3176

February 23, 2023 by godfreyd94

There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn’t handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659

CVE-2022-3134

February 23, 2023 by godfreyd94

Use After Free in GitHub repository vim/vim prior to 9.0.0389.

CVE-2022-31306

February 23, 2023 by godfreyd94

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c.

CVE-2022-31307

February 23, 2023 by godfreyd94

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c.

CVE-2022-31146

February 23, 2023 by godfreyd94

Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime’s code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will mistakenly think these functions do not have live references to GC’d values, reclaiming them and deallocating them. The function will then subsequently continue to use the values assuming they had not been GC’d, leading later to a use-after-free. This bug was introduced in the migration to the `regalloc2` register allocator that occurred in the Wasmtime 0.37.0 release on 2022-05-20. This bug has been patched and users should upgrade to Wasmtime version 0.38.2. Mitigations for this issue can be achieved by disabling the reference types proposal by passing `false` to `wasmtime::Config::wasm_reference_types` or downgrading to Wasmtime 0.36.0 or prior.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 360
  • Go to page 361
  • Go to page 362
  • Go to page 363
  • Go to page 364
  • Interim pages omitted …
  • Go to page 436
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE