CVEs from 2023
Total
6,107
critical
critical 240
high
high 1,530
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-0927 | unknown | — | — | — | Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a … | |||
| CVE-2023-1215 | unknown | — | — | — | Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-1222 | unknown | — | — | — | Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Me… | |||
| CVE-2023-53214 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential memory corruption in __update_iostat_latency() Add iotype sanity check to avoid potential memory cor… | |||
| CVE-2023-53217 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nubus: Partially revert proc_create_single_data() conversion The conversion to proc_create_single_data() introduced a regression … | |||
| CVE-2023-1233 | unknown | — | — | — | Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive in… | |||
| CVE-2023-1216 | unknown | — | — | — | Use after free in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had convienced the user to engage in direct UI interaction to potentially exploit heap corruption via … | |||
| CVE-2023-53219 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: netup_unidvb: fix use-after-free at del_timer() When Universal DVB card is detaching, netup_unidvb_dma_fini() uses del_tim… | |||
| CVE-2023-53222 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: jfs: jfs_dmap: Validate db_l2nbperpage while mounting In jfs_dmap.c at line 381, BLKTODMAP is used to get a logical block number … | |||
| CVE-2023-53223 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Add missing check for alloc_ordered_workqueue Add check for the return value of alloc_ordered_workqueue as it may re… | |||
| CVE-2023-53251 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler() rxq can be NULL only when trans_pcie->rxq is … | |||
| CVE-2023-53225 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: imx: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case… | |||
| CVE-2023-1231 | unknown | — | — | — | Inappropriate implementation in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to potentially spoof the contents of the omnibox via a crafted HTML page. (Chromi… | |||
| CVE-2023-53234 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix kmemleak in watchdog_cdev_register kmemleak reports memory leaks in watchdog_dev_register, as follows: unreferenced… | |||
| CVE-2023-53239 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Add check for kzalloc As kzalloc may fail and return NULL pointer, it should be better to check the return value in… | |||
| CVE-2023-53244 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish When the driver calls tw68_risc_buffer() to prepare the buffer… | |||
| CVE-2023-1530 | unknown | — | — | — | Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-53242 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: Drop second sensor hi3660 The commit 74c8e6bffbe1 ("driver core: Add __alloc_size hint to devm allocators")… | |||
| CVE-2023-53265 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not … | |||
| CVE-2023-1812 | unknown | — | — | — | Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severi… | |||
| CVE-2023-2134 | unknown | — | — | — | Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security… | |||
| CVE-2023-2459 | unknown | — | — | — | Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. (Chromium security severity: Mediu… | |||
| CVE-2023-53250 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle KASAN reported a null-ptr-deref error: KASAN: null-ptr-dere… | |||
| CVE-2023-53255 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool() svc_create_memory_pool() is only called from s… | |||
| CVE-2023-2314 | unknown | — | — | — | Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2023-2461 | unknown | — | — | — | Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corrupti… | |||
| CVE-2023-2939 | unknown | — | — | — | Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security sev… | |||
| CVE-2023-2464 | unknown | — | — | — | Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the se… | |||
| CVE-2023-2724 | unknown | — | — | — | Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-2929 | unknown | — | — | — | Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-2938 | unknown | — | — | — | Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL… | |||
| CVE-2023-3215 | unknown | — | — | — | Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-53276 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename alloc… | |||
| CVE-2023-53267 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event() The kfree() should be called when memory fails to be alloc… | |||
| CVE-2023-4073 | unknown | — | — | — | Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security sever… | |||
| CVE-2023-3216 | unknown | — | — | — | Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-53269 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: block: ublk: make sure that block size is set correctly block size is one very key setting for block layer, and bad block size co… | |||
| CVE-2023-3421 | unknown | — | — | — | Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-53271 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() There is a memory leaks problem reported by kmemleak: u… | |||
| CVE-2023-4077 | unknown | — | — | — | Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileg… | |||
| CVE-2023-4349 | unknown | — | — | — | Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity… | |||
| CVE-2023-53277 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_… | |||
| CVE-2023-4362 | unknown | — | — | — | Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially explo… | |||
| CVE-2023-53278 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifs_sysfs_init() When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff8881… | |||
| CVE-2023-53279 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: misc: vmw_balloon: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called o… | |||
| CVE-2023-4070 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-53281 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Commit 041879b12ddb ("drivers: staging: rtl8192bs: Fix de… | |||
| CVE-2023-4074 | unknown | — | — | — | Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:… | |||
| CVE-2023-4075 | unknown | — | — | — | Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-53282 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-… | |||
| CVE-2023-4076 | unknown | — | — | — | Use after free in WebRTC in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. (Chromium security severity: High) | |||
| CVE-2023-53284 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init() Because of the possilble failure of devm_kzalloc(), … | |||
| CVE-2023-4352 | unknown | — | — | — | Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-4078 | unknown | — | — | — | Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileg… | |||
| CVE-2023-4350 | unknown | — | — | — | Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML p… | |||
| CVE-2023-4368 | unknown | — | — | — | Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via … | |||
| CVE-2023-4357 | unknown | — | — | — | Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security seve… | |||
| CVE-2023-4358 | unknown | — | — | — | Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2023-53289 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: bdisp: Add missing check for create_workqueue Add the check for the return value of the create_workqueue in order to avoid… | |||
| CVE-2023-4364 | unknown | — | — | — | Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Med… | |||
| CVE-2023-4366 | unknown | — | — | — | Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTM… | |||
| CVE-2023-4367 | unknown | — | — | — | Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via … | |||
| CVE-2023-4427 | unknown | — | — | — | Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-53300 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: hi846: Fix memleak in hi846_init_controls() hi846_init_controls doesn't clean the allocated ctrl_hdlr in case there is a f… | |||
| CVE-2023-53302 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: iwl4965: Add missing check for create_singlethread_workqueue() Add the check for the return value of the create_singlethrea… | |||
| CVE-2023-4908 | unknown | — | — | — | Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2023-4761 | unknown | — | — | — | Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted … | |||
| CVE-2023-4763 | unknown | — | — | — | Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-5857 | unknown | — | — | — | Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: M… | |||
| CVE-2023-53294 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup() Syzbot reported a null-ptr-deref bug: ntfs3: loop0: Different NTFS'… | |||
| CVE-2023-5186 | unknown | — | — | — | Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via cra… | |||
| CVE-2023-4902 | unknown | — | — | — | Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2023-4903 | unknown | — | — | — | Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severi… | |||
| CVE-2023-4905 | unknown | — | — | — | Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2023-53295 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we sti… | |||
| CVE-2023-4907 | unknown | — | — | — | Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2023-5187 | unknown | — | — | — | Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HT… | |||
| CVE-2023-5346 | unknown | — | — | — | Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-5475 | unknown | — | — | — | Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a… | |||
| CVE-2023-53298 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of se_io context in nfc_genl_se_io The callback context for sending/receiving APDUs to/from the selected sec… | |||
| CVE-2023-5474 | unknown | — | — | — | Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a… | |||
| CVE-2023-5476 | unknown | — | — | — | Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2023-5477 | unknown | — | — | — | Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: L… | |||
| CVE-2023-5479 | unknown | — | — | — | Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a c… | |||
| CVE-2023-53301 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix kernel crash due to null io->bio We should return when io->bio is null before doing anything. Otherwise, panic. BUG: k… | |||
| CVE-2023-53303 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap api: Fix possible memory leak for vcap_dup_rule() Inject fault When select CONFIG_VCAP_KUNIT_TEST, the below… | |||
| CVE-2023-5483 | unknown | — | — | — | Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Mediu… | |||
| CVE-2023-5856 | unknown | — | — | — | Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a cra… | |||
| CVE-2023-5485 | unknown | — | — | — | Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2023-53306 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fsdax: force clear dirty mark if CoW XFS allows CoW on non-shared extents to combat fragmentation[1]. The old non-shared extent … | |||
| CVE-2023-53307 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails If getting an ID or setting up a work queue in rbd_dev_crea… | |||
| CVE-2023-53308 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pm_runtime_get() failing in .remove() In the (unlikely) event that pm_runtime_get() (disguised as pm_runt… | |||
| CVE-2023-53311 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput During unmount process of nilfs2, nothing holds nilfs_root s… | |||
| CVE-2023-6509 | unknown | — | — | — | Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption … | |||
| CVE-2023-53310 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: power: supply: axp288_fuel_gauge: Fix external_power_changed race fuel_gauge_external_power_changed() dereferences info->bat, whi… | |||
| CVE-2023-7282 | unknown | — | — | — | Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a cr… | |||
| CVE-2023-7281 | unknown | — | — | — | Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2023-53313 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of max_corr_read_errors There is no input check when echo md/max_read_errors and overflow might occu… | |||
| CVE-2023-53314 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fb_info.dev Do not assing the Linux device to struct fb_info.dev. The call to register_f… | |||
| CVE-2023-53315 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time, randomly an RX descriptor filled… |