CVE-2022-22628

HIGH Year: 2022
CVSS v3 Score
8.8
High
Weakness Type
CWE-416
View all →

Vulnerability Description

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.

Related Vulnerabilities

CVE-2008-0077

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrat...

CWE-4162008

CVE-2009-3658

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in the Sb.SuperBuddy.1 ActiveX control (sb.dll) in America Online (AOL) 9.5.0.1 allows remote attackers to trigger memory corruption or possibly execute arbitrary code via...

CWE-4162009

CVE-2010-0050

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with imprope...

CWE-4162010

CVE-2010-0249

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 20...

CWE-4162010

CVE-2010-0378

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is cur...

CWE-4162010

CVE-2010-1208

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote a...

CWE-4162010