Total
6117 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45567 | 1 Qualcomm | 28 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 25 more | 2025-05-09 | 7.8 High |
| Memory corruption while encoding JPEG format. | ||||
| CVE-2024-45566 | 1 Qualcomm | 46 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 43 more | 2025-05-09 | 7.8 High |
| Memory corruption during concurrent buffer access due to modification of the reference count. | ||||
| CVE-2024-45564 | 1 Qualcomm | 126 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 123 more | 2025-05-09 | 7.8 High |
| Memory corruption during concurrent access to server info object due to incorrect reference count update. | ||||
| CVE-2024-45562 | 1 Qualcomm | 160 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 157 more | 2025-05-09 | 6.6 Medium |
| Memory corruption during concurrent access to server info object due to unprotected critical field. | ||||
| CVE-2024-45554 | 1 Qualcomm | 42 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 39 more | 2025-05-09 | 7.8 High |
| Memory corruption during concurrent SSR execution due to race condition on the global maps list. | ||||
| CVE-2024-45583 | 1 Qualcomm | 14 Fastconnect 7800, Fastconnect 7800 Firmware, Snapdragon 8 Gen 3 Mobile and 11 more | 2025-05-09 | 6.6 Medium |
| Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations. | ||||
| CVE-2025-21453 | 1 Qualcomm | 532 205 Mobile, 205 Mobile Firmware, 215 Mobile and 529 more | 2025-05-09 | 7.8 High |
| Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. | ||||
| CVE-2024-21384 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-05-09 | 7.8 High |
| Microsoft Office OneNote Remote Code Execution Vulnerability | ||||
| CVE-2024-21339 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-09 | 6.4 Medium |
| Windows USB Generic Parent Driver Remote Code Execution Vulnerability | ||||
| CVE-2024-38193 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-09 | 7.8 High |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | ||||
| CVE-2024-25062 | 2 Redhat, Xmlsoft | 4 Enterprise Linux, Jboss Core Services, Rhel Eus and 1 more | 2025-05-09 | 7.5 High |
| An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. | ||||
| CVE-2022-3586 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-05-09 | 5.5 Medium |
| A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. | ||||
| CVE-2022-25666 | 1 Qualcomm | 296 Apq8096au, Apq8096au Firmware, Aqt1000 and 293 more | 2025-05-09 | 6.7 Medium |
| Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2025-27578 | 2025-05-09 | 7.5 High | ||
| Pixmeo OsiriX MD is vulnerable to a use after free scenario, which could allow an attacker to upload a crafted DICOM file and cause memory corruption leading to a denial-of-service condition. | ||||
| CVE-2025-31946 | 2025-05-09 | 6.2 Medium | ||
| Pixmeo OsiriX MD is vulnerable to a local use after free scenario, which could allow an attacker to locally import a crafted DICOM file and cause memory corruption or a system crash. | ||||
| CVE-2024-26739 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-05-09 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcode to SHOT. If we have called tcf_mirred_forward(), however, the skb is out of our hands and returning SHOT will lead to UaF. Move the retval override to the error path which actually need it. | ||||
| CVE-2022-43033 | 1 Axiosys | 1 Bento4 | 2025-05-08 | 6.5 Medium |
| An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2022-39823 | 1 Softing | 2 Opc, Opc Ua C\+\+ Software Development Kit | 2025-05-08 | 7.5 High |
| An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error | ||||
| CVE-2025-1290 | 2025-05-08 | 8.1 High | ||
| A race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtio_vsock_sock structure during an AF_VSOCK connect syscall can occur before a worker thread accesses it resulting in a dangling pointer and potential kernel code execution. | ||||
| CVE-2025-1704 | 2025-05-08 | 6.5 Medium | ||
| ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devices and intercept device management requests via loading components from the unencrypted stateful partition. | ||||