Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-0727

Summary
Assigner-google_android
Assigner Org ID-baff130e-b8d5-4e15-b3d3-c3cf5d5545c6
Published At-09 Aug, 2017 | 21:00
Updated At-17 Sep, 2024 | 01:01
Rejected At-
Credits

A elevation of privilege vulnerability in the Android media framework (libgui). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-33004354.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:google_android
Assigner Org ID:baff130e-b8d5-4e15-b3d3-c3cf5d5545c6
Published At:09 Aug, 2017 | 21:00
Updated At:17 Sep, 2024 | 01:01
Rejected At:
▼CVE Numbering Authority (CNA)

A elevation of privilege vulnerability in the Android media framework (libgui). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-33004354.

Affected Products
Vendor
Google LLCGoogle Inc.
Product
Android
Versions
Affected
  • 7.0
  • 7.1.1
  • 7.1.2
Problem Types
TypeCWE IDDescription
textN/AElevation of privilege
Type: text
CWE ID: N/A
Description: Elevation of privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/100204
vdb-entry
x_refsource_BID
https://source.android.com/security/bulletin/2017-08-01
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/100204
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://source.android.com/security/bulletin/2017-08-01
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/100204
vdb-entry
x_refsource_BID
x_transferred
https://source.android.com/security/bulletin/2017-08-01
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/100204
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://source.android.com/security/bulletin/2017-08-01
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@android.com
Published At:09 Aug, 2017 | 21:29
Updated At:20 Apr, 2025 | 01:37

A elevation of privilege vulnerability in the Android media framework (libgui). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-33004354.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Google LLC
google
>>android>>7.0
cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
Google LLC
google
>>android>>7.1.0
cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*
Google LLC
google
>>android>>7.1.1
cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*
Google LLC
google
>>android>>7.1.2
cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-362Primarynvd@nist.gov
CWE-416Primarynvd@nist.gov
CWE ID: CWE-362
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/100204security@android.com
Third Party Advisory
VDB Entry
https://source.android.com/security/bulletin/2017-08-01security@android.com
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100204af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://source.android.com/security/bulletin/2017-08-01af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/100204
Source: security@android.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://source.android.com/security/bulletin/2017-08-01
Source: security@android.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/100204
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://source.android.com/security/bulletin/2017-08-01
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

3947Records found
CVE-2011-1440
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.48% / 84.67%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.

Action-Not Available
Vendor-n/aApple Inc.Debian GNU/LinuxGoogle LLC
Product-debian_linuxitunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-1449
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.34% / 84.23%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-0784
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.72% / 81.64%
||
7 Day CHG~0.00%
Published-04 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2011-1444
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.69% / 70.88%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxGoogle LLC
Product-linux_kerneldebian_linuxchromen/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2011-1305
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.32% / 53.97%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.

Action-Not Available
Vendor-n/aApple Inc.Linux Kernel Organization, IncGoogle LLC
Product-linux_kernelmacoschromen/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2017-15849
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.53%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 19:00
Updated-17 Sep, 2024 | 02:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a LayerStack can be destroyed in between Validate and Commit by the application resulting in a Use After Free condition.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2017-15410
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.94% / 75.24%
||
7 Day CHG~0.00%
Published-28 Aug, 2018 | 19:00
Updated-05 Aug, 2024 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Action-Not Available
Vendor-n/aRed Hat, Inc.Google LLCDebian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationenterprise_linux_desktopGoogle Chrome prior to 63.0.3239.84 unknown
CWE ID-CWE-416
Use After Free
CVE-2017-15411
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.94% / 75.24%
||
7 Day CHG~0.00%
Published-28 Aug, 2018 | 19:00
Updated-05 Aug, 2024 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Action-Not Available
Vendor-n/aRed Hat, Inc.Google LLCDebian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationenterprise_linux_desktopGoogle Chrome prior to 63.0.3239.84 unknown
CWE ID-CWE-416
Use After Free
CVE-2019-13686
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.36% / 57.10%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 14:22
Updated-04 Aug, 2024 | 23:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in offline mode in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2010-1772
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-1.99% / 82.88%
||
7 Day CHG~0.00%
Published-24 Sep, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failure to stop timers associated with geolocation upon deletion of a document.

Action-Not Available
Vendor-n/aCanonical Ltd.Google LLCFedora ProjectRed Hat, Inc.openSUSE
Product-ubuntu_linuxenterprise_linuxopensusefedorachromen/a
CWE ID-CWE-416
Use After Free
CVE-2021-4102
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-3.86% / 87.75%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 22:55
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-29||Apply updates per vendor instructions.

Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChromeChromium V8
CWE ID-CWE-416
Use After Free
CVE-2021-4099
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.78% / 72.83%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 22:55
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2021-4067
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.96% / 82.74%
||
7 Day CHG~0.00%
Published-23 Dec, 2021 | 00:45
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2018-6085
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-2.54% / 84.88%
||
7 Day CHG~0.00%
Published-04 Dec, 2018 | 17:00
Updated-05 Aug, 2024 | 05:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

Action-Not Available
Vendor-Red Hat, Inc.Google LLCDebian GNU/Linux
Product-debian_linuxchromelinux_workstationlinux_serverlinux_desktopChrome
CWE ID-CWE-416
Use After Free
CVE-2020-0303
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.8||HIGH
EPSS-0.37% / 58.16%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 20:51
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Media extractor, there is a possible use after free due to improper locking. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148223229

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-667
Improper Locking
CVE-2018-20066
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.38% / 58.47%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 19:00
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect object lifecycle in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2021-37973
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-19.20% / 95.13%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 21:40
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.

Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectDebian GNU/LinuxGoogle LLC
Product-fedoradebian_linuxchromeChromeChromium Portals
CWE ID-CWE-416
Use After Free
CVE-2021-37961
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.64% / 69.55%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 21:30
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2021-37987
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.41% / 79.73%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 21:05
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCDebian GNU/Linux
Product-chromedebian_linuxChrome
CWE ID-CWE-416
Use After Free
CVE-2021-38006
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.21% / 78.15%
||
7 Day CHG~0.00%
Published-23 Dec, 2021 | 00:05
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2021-37962
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.59% / 68.14%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 21:30
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2021-38005
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.42% / 79.79%
||
7 Day CHG~0.00%
Published-23 Dec, 2021 | 00:05
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2021-37977
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.77% / 72.50%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 20:25
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2021-37983
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.31% / 78.97%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 21:05
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCDebian GNU/Linux
Product-chromedebian_linuxChrome
CWE ID-CWE-416
Use After Free
CVE-2021-38008
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.98% / 82.86%
||
7 Day CHG~0.00%
Published-23 Dec, 2021 | 00:05
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2021-37975
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-56.10% / 98.01%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 00:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectDebian GNU/LinuxGoogle LLC
Product-chromedebian_linuxfedoraChromeChromium V8
CWE ID-CWE-416
Use After Free
CVE-2021-37993
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.41% / 79.73%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 21:05
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCDebian GNU/Linux
Product-chromedebian_linuxChrome
CWE ID-CWE-416
Use After Free
CVE-2019-13720
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-90.36% / 99.58%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 14:22
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-13||Apply updates per vendor instructions.

Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-openSUSEGoogle LLC
Product-leapchromeChromeChrome WebAudio
CWE ID-CWE-416
Use After Free
CVE-2020-15993
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 75.66%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeandroidChrome
CWE ID-CWE-416
Use After Free
CVE-2020-16001
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.91% / 82.53%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromedebian_linuxfedorabackports_sleChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-11092
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.03%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgsl_ioctl_gpu_command, a Use After Free condition can potentially occur.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2017-0794
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.95%
||
7 Day CHG~0.00%
Published-08 Sep, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A elevation of privilege vulnerability in the Upstream kernel scsi driver. Product: Android. Versions: Android kernel. Android ID: A-35644812.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2016-7872
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.81% / 87.65%
||
7 Day CHG~0.00%
Published-15 Dec, 2016 | 06:31
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-n/aAdobe Inc.Linux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-flash_playerchrome_oslinux_kernelflash_player_desktop_runtimewindowswindows_8.1mac_os_xwindows_10Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
CWE ID-CWE-416
Use After Free
CVE-2016-7879
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.81% / 87.65%
||
7 Day CHG~0.00%
Published-15 Dec, 2016 | 06:31
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-n/aAdobe Inc.Linux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-flash_playerchrome_oslinux_kernelflash_player_desktop_runtimewindowswindows_8.1mac_os_xwindows_10Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
CWE ID-CWE-416
Use After Free
CVE-2016-7878
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.81% / 87.65%
||
7 Day CHG~0.00%
Published-15 Dec, 2016 | 06:31
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-n/aAdobe Inc.Linux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-flash_playerchrome_oslinux_kernelflash_player_desktop_runtimewindowswindows_8.1mac_os_xwindows_10Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier
CWE ID-CWE-416
Use After Free
CVE-2016-5211
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.54% / 66.73%
||
7 Day CHG~0.00%
Published-19 Jan, 2017 | 05:43
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromeGoogle Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android
CWE ID-CWE-416
Use After Free
CVE-2016-5203
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.54% / 66.73%
||
7 Day CHG~0.00%
Published-19 Jan, 2017 | 05:43
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromeGoogle Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android
CWE ID-CWE-416
Use After Free
CVE-2016-5219
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-6.3||MEDIUM
EPSS-0.53% / 66.40%
||
7 Day CHG~0.00%
Published-19 Jan, 2017 | 05:43
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromeGoogle Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android
CWE ID-CWE-416
Use After Free
CVE-2022-0609
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-64.27% / 98.37%
||
7 Day CHG~0.00%
Published-04 Apr, 2022 | 23:55
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-01||Apply updates per vendor instructions.

Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChromeChromium Animation
CWE ID-CWE-416
Use After Free
CVE-2016-5216
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-6.3||MEDIUM
EPSS-0.49% / 64.62%
||
7 Day CHG~0.00%
Published-19 Jan, 2017 | 05:43
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromeGoogle Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android
CWE ID-CWE-416
Use After Free
CVE-2022-0794
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.62% / 69.19%
||
7 Day CHG~0.00%
Published-05 Apr, 2022 | 00:25
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2022-0464
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.31% / 53.85%
||
7 Day CHG~0.00%
Published-05 Apr, 2022 | 00:51
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2022-0452
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.32% / 53.98%
||
7 Day CHG~0.00%
Published-05 Apr, 2022 | 00:50
Updated-02 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2022-0798
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.21% / 44.09%
||
7 Day CHG~0.00%
Published-05 Apr, 2022 | 00:25
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-chromewindowsmacoslinux_kernelChrome
CWE ID-CWE-416
Use After Free
CVE-2022-0808
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.75% / 72.17%
||
7 Day CHG~0.00%
Published-05 Apr, 2022 | 00:26
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2016-5215
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-6.3||MEDIUM
EPSS-0.49% / 64.62%
||
7 Day CHG~0.00%
Published-19 Jan, 2017 | 05:43
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free in webaudio in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromeGoogle Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android
CWE ID-CWE-416
Use After Free
CVE-2016-5136
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.96% / 82.75%
||
7 Day CHG~0.00%
Published-23 Jul, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-416
Use After Free
CVE-2016-5127
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-2.31% / 84.12%
||
7 Day CHG~0.00%
Published-23 Jul, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascading Style Sheets (CSS) token sequence in conjunction with a rel=import attribute of a LINK element.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-416
Use After Free
CVE-2022-0458
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.29% / 52.30%
||
7 Day CHG~0.00%
Published-05 Apr, 2022 | 00:51
Updated-02 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2022-0459
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.54% / 66.59%
||
7 Day CHG~0.00%
Published-05 Apr, 2022 | 00:51
Updated-02 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 78
  • 79
  • Next
Details not found