Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-25358

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-02 Mar, 2023 | 00:00
Updated At-07 Mar, 2025 | 15:58
Rejected At-
Credits

A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:02 Mar, 2023 | 00:00
Updated At:07 Mar, 2025 | 15:58
Rejected At:
▼CVE Numbering Authority (CNA)

A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugs.webkit.org/show_bug.cgi?id=242683
N/A
http://www.openwall.com/lists/oss-security/2023/04/21/3
mailing-list
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/
vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/
vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/
vendor-advisory
https://security.gentoo.org/glsa/202305-32
vendor-advisory
Hyperlink: https://bugs.webkit.org/show_bug.cgi?id=242683
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2023/04/21/3
Resource:
mailing-list
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/
Resource:
vendor-advisory
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/
Resource:
vendor-advisory
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/
Resource:
vendor-advisory
Hyperlink: https://security.gentoo.org/glsa/202305-32
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugs.webkit.org/show_bug.cgi?id=242683
x_transferred
http://www.openwall.com/lists/oss-security/2023/04/21/3
mailing-list
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/
vendor-advisory
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/
vendor-advisory
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/
vendor-advisory
x_transferred
https://security.gentoo.org/glsa/202305-32
vendor-advisory
x_transferred
Hyperlink: https://bugs.webkit.org/show_bug.cgi?id=242683
Resource:
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2023/04/21/3
Resource:
mailing-list
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/
Resource:
vendor-advisory
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/
Resource:
vendor-advisory
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/
Resource:
vendor-advisory
x_transferred
Hyperlink: https://security.gentoo.org/glsa/202305-32
Resource:
vendor-advisory
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:02 Mar, 2023 | 15:15
Updated At:07 Mar, 2025 | 16:15

A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CPE Matches
webkitgtk
webkitgtk
>>webkitgtk>>Versions before 2.36.8(exclusive)
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>38
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarynvd@nist.gov
CWE-416Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-416
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.openwall.com/lists/oss-security/2023/04/21/3cve@mitre.org
Mailing List
https://bugs.webkit.org/show_bug.cgi?id=242683cve@mitre.org
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/cve@mitre.org
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/cve@mitre.org
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/cve@mitre.org
N/A
https://security.gentoo.org/glsa/202305-32cve@mitre.org
N/A
http://www.openwall.com/lists/oss-security/2023/04/21/3af854a3a-2127-422b-91ae-364da2661108
Mailing List
https://bugs.webkit.org/show_bug.cgi?id=242683af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/af854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/af854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/af854a3a-2127-422b-91ae-364da2661108
N/A
https://security.gentoo.org/glsa/202305-32af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2023/04/21/3
Source: cve@mitre.org
Resource:
Mailing List
Hyperlink: https://bugs.webkit.org/show_bug.cgi?id=242683
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://security.gentoo.org/glsa/202305-32
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2023/04/21/3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: https://bugs.webkit.org/show_bug.cgi?id=242683
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://security.gentoo.org/glsa/202305-32
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1505Records found
CVE-2020-6539
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.92% / 75.02%
||
7 Day CHG~0.00%
Published-21 Sep, 2020 | 19:06
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6551
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-22.64% / 95.64%
||
7 Day CHG~0.00%
Published-21 Sep, 2020 | 19:06
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6552
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.58% / 80.83%
||
7 Day CHG~0.00%
Published-21 Sep, 2020 | 19:06
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-2722
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.20% / 42.71%
||
7 Day CHG-0.05%
Published-16 May, 2023 | 18:45
Updated-05 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLCDebian GNU/LinuxFedora Project
Product-chromeandroiddebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2022-0106
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.61% / 68.81%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 23:35
Updated-02 Aug, 2024 | 23:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-chromefedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2020-6543
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.04% / 76.48%
||
7 Day CHG~0.00%
Published-21 Sep, 2020 | 19:06
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6553
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.58% / 80.83%
||
7 Day CHG~0.00%
Published-21 Sep, 2020 | 19:06
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCApple Inc.Fedora ProjectDebian GNU/Linux
Product-chromeiphone_osdebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6423
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.90% / 82.46%
||
7 Day CHG~0.00%
Published-13 Apr, 2020 | 17:30
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-debian_linuxchromefedorabackports_sleleapChrome
CWE ID-CWE-416
Use After Free
CVE-2020-6436
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.49% / 80.23%
||
7 Day CHG~0.00%
Published-13 Apr, 2020 | 17:30
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-debian_linuxchromefedorabackports_sleleapChrome
CWE ID-CWE-416
Use After Free
CVE-2020-6424
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-2.61% / 85.07%
||
7 Day CHG~0.00%
Published-20 Mar, 2020 | 13:51
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Debian GNU/LinuxGoogle LLCFedora ProjectopenSUSESUSE
Product-debian_linuxchromefedorasuse_linux_enterprise_serversuse_linux_enterprise_desktopbackports_sleChrome
CWE ID-CWE-416
Use After Free
CVE-2020-6378
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.65% / 69.92%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 14:42
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-chromefedoraChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6451
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.80% / 73.02%
||
7 Day CHG~0.00%
Published-13 Apr, 2020 | 17:31
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-openSUSEGoogle LLCFedora Project
Product-chromefedorabackports_sleleapChrome
CWE ID-CWE-416
Use After Free
CVE-2020-6474
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-2.07% / 83.25%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 03:46
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-debian_linuxchromefedorabackports_sleleapChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-5395
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.28% / 50.85%
||
7 Day CHG~0.00%
Published-03 Jan, 2020 | 00:00
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c.

Action-Not Available
Vendor-fontforgen/aopenSUSEFedora Project
Product-fedorafontforgeleapn/a
CWE ID-CWE-416
Use After Free
CVE-2020-6384
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.81% / 73.25%
||
7 Day CHG~0.00%
Published-27 Feb, 2020 | 22:55
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCRed Hat, Inc.Fedora ProjectDebian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationfedoraenterprise_linux_desktopChrome
CWE ID-CWE-416
Use After Free
CVE-2020-6386
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.84% / 73.83%
||
7 Day CHG~0.00%
Published-27 Feb, 2020 | 22:55
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCRed Hat, Inc.Fedora ProjectDebian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationfedoraenterprise_linux_desktopChrome
CWE ID-CWE-416
Use After Free
CVE-2020-6467
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-2.04% / 83.12%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 03:46
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-debian_linuxchromefedorabackports_sleleapChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-2723
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-11.55% / 93.36%
||
7 Day CHG-2.51%
Published-16 May, 2023 | 18:45
Updated-05 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLCDebian GNU/LinuxFedora Project
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2020-6454
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.78% / 72.79%
||
7 Day CHG~0.00%
Published-13 Apr, 2020 | 17:31
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-debian_linuxchromefedorabackports_sleleapChrome
CWE ID-CWE-416
Use After Free
CVE-2023-25362
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.17% / 39.11%
||
7 Day CHG~0.00%
Published-02 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely.

Action-Not Available
Vendor-webkitgtkn/a
Product-webkitgtkn/a
CWE ID-CWE-416
Use After Free
CVE-2023-25363
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.17% / 39.11%
||
7 Day CHG~0.00%
Published-02 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely.

Action-Not Available
Vendor-webkitgtkn/a
Product-webkitgtkn/a
CWE ID-CWE-416
Use After Free
CVE-2021-37961
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.64% / 69.55%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 21:30
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2023-25361
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.17% / 39.11%
||
7 Day CHG~0.00%
Published-02 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely.

Action-Not Available
Vendor-webkitgtkn/a
Product-webkitgtkn/a
CWE ID-CWE-416
Use After Free
CVE-2019-13729
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-3.55% / 87.22%
||
7 Day CHG~0.00%
Published-10 Dec, 2019 | 21:01
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCRed Hat, Inc.Fedora ProjectDebian GNU/Linux
Product-enterprise_linux_serverenterprise_linux_for_scientific_computingdebian_linuxchromeenterprise_linux_workstationfedoraenterprise_linux_desktopChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30586
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.30% / 53.07%
||
7 Day CHG~0.00%
Published-03 Aug, 2021 | 19:41
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-chromefedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2021-30519
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.25% / 48.41%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 17:15
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-chromefedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2021-30611
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.39% / 59.38%
||
7 Day CHG~0.00%
Published-03 Sep, 2021 | 19:25
Updated-03 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Chromium: CVE-2021-30611 Use after free in WebRTC

Action-Not Available
Vendor-Fedora ProjectMicrosoft Corporation
Product-edge_chromiumfedoraedgeMicrosoft Edge (Chromium-based)
CWE ID-CWE-416
Use After Free
CVE-2020-15991
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.43% / 79.84%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromebackports_sledebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2020-15972
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-3.50% / 87.12%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 00:00
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromefedoradebian_linuxbackports_sleChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15971
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.43% / 79.84%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromebackports_sledebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2020-15970
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.43% / 79.84%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromebackports_sledebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2020-15990
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.43% / 79.84%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromefedoradebian_linuxbackports_sleChrome
CWE ID-CWE-416
Use After Free
CVE-2020-16003
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.91% / 82.53%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromefedoradebian_linuxbackports_sleChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15969
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-3.16% / 86.39%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEApple Inc.Fedora ProjectDebian GNU/Linux
Product-iphone_osdebian_linuxipadostvoschromewatchossafarifedoramacosbackports_sleChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15967
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.43% / 79.84%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromebackports_sledebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2020-16001
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.91% / 82.53%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromedebian_linuxfedorabackports_sleChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15976
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.65% / 81.24%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-debian_linuxchromeandroidfedorabackports_sleChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15987
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.60% / 80.95%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromebackports_sledebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2014-1531
Matching Score-10
Assigner-Mozilla Corporation
ShareView Details
Matching Score-10
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.72% / 81.64%
||
7 Day CHG~0.00%
Published-30 Apr, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSESUSERed Hat, Inc.Fedora ProjectDebian GNU/LinuxCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_eusfirefoxenterprise_linux_server_eusthunderbirddebian_linuxenterprise_linux_server_ausfedoraseamonkeyfirefox_esrubuntu_linuxenterprise_linux_desktopopensusesuse_linux_enterprise_serverenterprise_linux_server_tusenterprise_linux_workstationn/a
CWE ID-CWE-416
Use After Free
CVE-2020-15968
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.49% / 80.23%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromefedoradebian_linuxbackports_sleChrome
CWE ID-CWE-416
Use After Free
CVE-2020-16002
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.43% / 79.88%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-chromebackports_sledebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-16004
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.24% / 78.43%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCopenSUSEFedora ProjectDebian GNU/Linux
Product-debian_linuxchromefedorabackports_sleleapChrome
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3197
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.73% / 71.87%
||
7 Day CHG~0.00%
Published-26 Sep, 2022 | 00:00
Updated-21 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-fedorachromeChrome
CWE ID-CWE-416
Use After Free
CVE-2022-3196
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.73% / 71.87%
||
7 Day CHG~0.00%
Published-26 Sep, 2022 | 00:00
Updated-21 May, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-fedorachromeChrome
CWE ID-CWE-416
Use After Free
CVE-2020-13558
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.55% / 66.96%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 17:53
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.

Action-Not Available
Vendor-webkitgtkn/a
Product-webkitgtkWebkit
CWE ID-CWE-416
Use After Free
CVE-2020-13543
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-1.50% / 80.36%
||
7 Day CHG~0.00%
Published-03 Dec, 2020 | 16:24
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.

Action-Not Available
Vendor-webkitgtkn/a
Product-webkitgtkWebkit
CWE ID-CWE-416
Use After Free
CVE-2020-13584
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-1.36% / 79.35%
||
7 Day CHG~0.00%
Published-03 Dec, 2020 | 17:02
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability.

Action-Not Available
Vendor-webkitgtkn/aFedora Project
Product-webkitgtkfedoraWebkit
CWE ID-CWE-416
Use After Free
CVE-2022-3199
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.88% / 74.43%
||
7 Day CHG~0.00%
Published-26 Sep, 2022 | 00:00
Updated-21 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-fedorachromeChrome
CWE ID-CWE-416
Use After Free
CVE-2020-11793
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.79% / 72.94%
||
7 Day CHG~0.00%
Published-17 Apr, 2020 | 12:40
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash).

Action-Not Available
Vendor-webkitgtkwpewebkitn/aCanonical Ltd.openSUSEFedora Project
Product-ubuntu_linuxfedorawebkitgtkwpe_webkitleapn/a
CWE ID-CWE-416
Use After Free
CVE-2022-3198
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.73% / 71.87%
||
7 Day CHG~0.00%
Published-26 Sep, 2022 | 00:00
Updated-21 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-fedorachromeChrome
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 30
  • 31
  • Next
Details not found