| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-bounds Write | |
| Out-of-bounds Read | |
| Out-of-bounds Write | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| CVE-2022-22741 | |
| Information Exposure | |
| Use After Free | |
| Cleartext Transmission of Sensitive Information | |
| Out-of-bounds Write | |
| CVE-2022-26383 | |
| Information Exposure | |
| CVE-2022-22745 | |
| CVE-2022-28284 | |
| CVE-2022-22759 | |
| Out-of-bounds Write | |
| Time-of-check Time-of-use (TOCTOU) | |
| Out-of-bounds Write | |
| Out-of-bounds Read | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Improper Certificate Validation | |
| Out-of-bounds Write | |
| CVE-2022-22750 | |
| XML Injection | |
| CVE-2022-22748 | |
| Information Exposure | |
| CVE-2022-22756 | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| CVE-2022-28287 | |
| CVE-2022-28283 | |
| CVE-2022-22761 | |
| Use After Free | |
| CVE-2021-43540 | |
| Incorrect Type Conversion or Cast | |
| Race Condition | |
| Out-of-bounds Write | |
| Inefficient Regular Expression Complexity | |
| Use After Free | |
| Race Condition | |
| Race Condition | |
| Improper Restriction of Excessive Authentication Attempts | |
| CVE-2022-26384 | |
| Use After Free | |
| Missing Release of Resource after Effective Lifetime | |
| CVE-2021-43541 | |
| Information Exposure | |
| CVE-2022-22743 | |
| Operation on a Resource after Expiration or Release | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Origin Validation Error | |
| Use After Free | |
| Origin Validation Error | |
| Improper Encoding or Escaping of Output | |
| Cross-site Scripting (XSS) | |
| Improper Restriction of Rendered UI Layers or Frames | |
| CVE-2021-38510 | |
| CVE-2021-38494 | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| CVE-2021-29974 | |
| Time-of-check Time-of-use (TOCTOU) | |
| CVE-2021-38501 | |
| Out-of-Bounds | |
| CVE-2022-22762 | |
| Uncontrolled Search Path Element | |
| CVE-2021-38499 | |
| CVE-2022-22739 | |
| Incorrect Authorization | |
| CVE-2022-22749 | |
| Externally Controlled Reference to a Resource in Another Sphere | |
| Improper Resource Shutdown or Release | |
| Arbitrary Argument Injection | |
| CVE-2021-38500 | |
| Origin Validation Error | |
| Incorrect Conversion between Numeric Types | |
| CVE-2021-29983 | |
| Use After Free | |
| CVE-2021-38492 | |
| Use After Free | |
| HTTP Request Smuggling | |
| Out-of-Bounds | |
| Interpretation Conflict | |
| Out-of-Bounds | |
| Missing Initialization of Resource | |
| Out-of-Bounds | |
| Race Condition | |
| CVE-2021-23996 | |
| Insufficient Verification of Data Authenticity | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Cross-site Scripting (XSS) | |
| Excessive Iteration | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Information Exposure | |
| Operation on a Resource after Expiration or Release | |
| Use After Free | |
| Incorrect Authorization | |
| Integer Overflow or Wraparound | |
| Use After Free | |
| Exposure of Resource to Wrong Sphere | |
| Exposure of Resource to Wrong Sphere | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| Out-of-Bounds | |
| Out-of-bounds Write | |
| Race Condition | |
| CVE-2021-23957 | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Race Condition | |
| CVE-2021-38491 | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Incorrect Calculation | |
| CVE-2021-23971 | |
| CVE-2021-29993 | |
| CVE-2021-29981 | |
| CVE-2021-24000 | |
| Out-of-Bounds | |
| CVE-2021-29975 | |
| Use After Free | |
| Missing Authorization | |
| CVE-2021-29984 | |
| Improper Privilege Management | |
| Missing Initialization of Resource | |
| Out-of-Bounds | |
| Information Exposure | |
| Out-of-bounds Write | |
| CVE-2020-26977 | |
| Insufficient Verification of Data Authenticity | |
| Incorrect Resource Transfer Between Spheres | |
| Missing Authorization | |
| CVE-2021-23969 | |
| Reachable Assertion | |
| Inadequate Encryption Strength | |
| Authentication Bypass | |
| CVE-2021-23974 | |
| Out-of-bounds Write | |
| CVE-2020-35111 | |
| Out-of-bounds Write | |
| Exposure of Resource to Wrong Sphere | |
| Improper Cross-boundary Removal of Sensitive Data | |
| Out-of-bounds Write | |
| Cross-site Scripting (XSS) | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| CVE-2021-23962 | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| CVE-2021-23961 | |
| Information Exposure | |
| Use After Free | |
| CVE-2021-23978 | |
| Out-of-Bounds | |
| Out-of-bounds Write | |
| Time-of-check Time-of-use (TOCTOU) | |
| Exposure of Resource to Wrong Sphere | |
| CVE-2020-26961 | |
| Out-of-bounds Write | |
| Open Redirect | |
| Origin Validation Error | |
| Improper Restriction of Rendered UI Layers or Frames | |
| CVE-2021-23956 | |
| CVE-2021-23972 | |
| CVE-2020-15665 | |
| Unrestricted Upload of File with Dangerous Type | |
| Out-of-bounds Write | |
| CVE-2020-26963 | |
| Improper Preservation of Permissions | |
| CVE-2020-16012 | |
| CVE-2020-26967 | |
| Cross-site Scripting (XSS) | |
| CVE-2020-26964 | |
| CVE-2021-23960 | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| CVE-2020-35112 | |
| Out-of-bounds Write | |
| CVE-2020-26966 | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Reliance on Cookies without Validation and Integrity Checking | |
| CVE-2020-15680 | |
| Use After Free | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| CVE-2020-26978 | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| CVE-2020-26954 | |
| CVE-2020-26976 | |
| Use After Free | |
| Use After Free | |
| Out-of-bounds Write | |
| Out-of-Bounds | |
| Open Redirect | |
| Cross-site Scripting (XSS) | |
| Use After Free | |
| Release of Invalid Pointer or Reference | |
| Incorrect Default Permissions | |
| CVE-2020-26973 | |
| Use of a Broken or Risky Cryptographic Algorithm | |
| Improper Privilege Management | |
| CVE-2020-26975 | |
| CVE-2020-15681 | |
| Improper Initialization | |
| Information Exposure | |
| Origin Validation Error | |
| Out-of-bounds Write | |
| CVE-2020-6829 | |
| CVE-2020-15653 | |
| Information Exposure | |
| Use After Free | |
| Out-of-Bounds | |
| Uncontrolled Search Path Element | |
| Incorrect Authorization | |
| CVE-2020-15684 | |
| CVE-2020-15683 | |
| Insufficient Verification of Data Authenticity | |
| Information Exposure | |
| Use After Free | |
| Buffer Overflow | |
| Out-of-bounds Read | |
| Release of Invalid Pointer or Reference | |
| Arbitrary Code Injection | |
| Out-of-bounds Write | |
| Incorrect Default Permissions | |
| Out-of-Bounds | |
| CVE-2020-6514 | |
| Improper Locking | |
| Release of Invalid Pointer or Reference | |
| Information Exposure | |
| CVE-2020-6813 | |
| Out-of-Bounds | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Cross-site Scripting (XSS) | |
| Deserialization of Untrusted Data | |
| Use After Free | |
| Use of a Broken or Risky Cryptographic Algorithm | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Improper Check for Unusual or Exceptional Conditions | |
| Arbitrary Code Injection | |
| Improper Certificate Validation | |
| Double Free | |
| Origin Validation Error | |
| Out-of-Bounds | |
| Information Exposure | |
| Use After Free | |
| Information Exposure | |
| Out-of-Bounds | |
| CVE-2020-12409 | |
| Buffer Overflow | |
| Use After Free | |
| Race Condition | |
| Uncontrolled Search Path Element | |
| Out-of-bounds Write | |
| Out-of-bounds Read | |
| Information Exposure | |
| Improper Input Validation | |
| Use After Free | |
| Improper Input Validation | |
| Out-of-Bounds | |
| Authentication Bypass | |
| Authentication Bypass | |
| Out-of-bounds Read | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Improper Authentication | |
| Information Exposure | |
| Session Fixation | |
| Out-of-bounds Write | |
| Use After Free | |
| Open Redirect | |
| CVE-2022-36317 | |
| Out-of-bounds Read | |
| Improper Privilege Management | |
| Out-of-bounds Write | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Buffer Overflow | |
| Out-of-bounds Write | |
| Improper Input Validation | |
| Improper Authentication | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Race Condition | |
| Buffer Overflow | |
| Arbitrary Code Injection | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Use After Free | |
| Out-of-bounds Read | |
| CVE-2023-5723 | |
| CVE-2023-5725 | |
| Uncontrolled Search Path Element | |
| Improper Input Validation | |
| Integer Overflow or Wraparound | |
| Out-of-bounds Write | |
| Use After Free | |
| CVE-2022-34479 | |
| CVE-2023-5724 | |
| Access of Uninitialized Pointer | |
| Information Exposure | |
| Incorrect Default Permissions | |
| Out-of-bounds Write | |
| Origin Validation Error | |
| CVE-2023-5727 | |
| CVE-2022-31736 | |
| Out-of-bounds Write | |
| CVE-2023-5726 | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-bounds Write | |
| CVE-2022-29915 | |
| CVE-2023-5729 | |
| CVE-2023-5728 | |
| Out-of-bounds Write | |
| CVE-2022-36315 | |
| Race Condition | |
| Open Redirect | |
| Out-of-bounds Write | |
| CVE-2022-36319 | |
| CVE-2022-34468 | |
| Cross-site Scripting (XSS) | |
| CVE-2022-34471 | |
| Use of Uninitialized Resource | |
| Use After Free | |
| Use After Free | |
| CVE-2022-34478 | |
| CVE-2022-34482 | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| CVE-2022-34477 | |
| CVE-2022-34483 | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| CVE-2022-31740 | |
| CVE-2022-34472 | |
| CVE-2022-34476 | |
| Cross-site Scripting (XSS) | |
| Improper Certificate Validation | |
| Out-of-bounds Write | |
| CVE-2022-31742 | |
| Authentication Bypass | |
| Out-of-bounds Write | |
| Improper Validation of Array Index | |
| Out-of-bounds Read | |
| Cross-site Scripting (XSS) | |
| CVE-2022-31739 | |
| CVE-2022-29914 | |
| CVE-2022-29916 | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| CVE-2022-31748 | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Incorrect Default Permissions | |
| Open Redirect | |
| Open Redirect | |
