Total
6312 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-20925 | 1 Google | 1 Android | 2025-04-02 | 7.8 High |
| In setUclampMinLocked of PowerSessionManager.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-236674672References: N/A | ||||
| CVE-2023-20920 | 1 Google | 1 Android | 2025-04-02 | 7.8 High |
| In queue of UsbRequest.java, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-204584366 | ||||
| CVE-2025-21372 | 1 Microsoft | 3 Windows 11 24h2, Windows Server 2022 23h2, Windows Server 2025 | 2025-04-02 | 7.8 High |
| Microsoft Brokering File System Elevation of Privilege Vulnerability | ||||
| CVE-2025-21307 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-02 | 9.8 Critical |
| Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | ||||
| CVE-2025-21315 | 1 Microsoft | 3 Windows 11 24h2, Windows Server 2022 23h2, Windows Server 2025 | 2025-04-02 | 7.8 High |
| Microsoft Brokering File System Elevation of Privilege Vulnerability | ||||
| CVE-2025-21304 | 1 Microsoft | 6 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 3 more | 2025-04-02 | 7.8 High |
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | ||||
| CVE-2025-21298 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-02 | 9.8 Critical |
| Windows OLE Remote Code Execution Vulnerability | ||||
| CVE-2025-21297 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-04-02 | 8.1 High |
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2025-21296 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-02 | 7.5 High |
| BranchCache Remote Code Execution Vulnerability | ||||
| CVE-2025-21295 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-02 | 8.1 High |
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | ||||
| CVE-2025-21281 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-04-02 | 7.8 High |
| Microsoft COM for Windows Elevation of Privilege Vulnerability | ||||
| CVE-2025-1916 | 1 Google | 1 Chrome | 2025-04-01 | 8.8 High |
| Use after free in Profiles in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-2476 | 1 Google | 1 Chrome | 2025-04-01 | 8.8 High |
| Use after free in Lens in Google Chrome prior to 134.0.6998.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2023-0416 | 1 Wireshark | 1 Wireshark | 2025-04-01 | 6.3 Medium |
| GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file | ||||
| CVE-2024-4771 | 1 Mozilla | 1 Firefox | 2025-04-01 | 8.6 High |
| A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126. | ||||
| CVE-2024-4770 | 2 Mozilla, Redhat | 7 Firefox, Thunderbird, Enterprise Linux and 4 more | 2025-04-01 | 8.8 High |
| When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | ||||
| CVE-2024-4764 | 1 Mozilla | 1 Firefox | 2025-04-01 | 9.8 Critical |
| Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox < 126. | ||||
| CVE-2024-27284 | 1 Cassandra-rs Project | 1 Cassandra-rs | 2025-04-01 | 7.5 High |
| cassandra-rs is a Cassandra (CQL) driver for Rust. Code that attempts to use an item (e.g., a row) returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. The problem has been fixed in version 3.0.0. | ||||
| CVE-2023-0469 | 1 Linux | 1 Linux Kernel | 2025-04-01 | 5.5 Medium |
| A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service. | ||||
| CVE-2023-0468 | 1 Linux | 1 Linux Kernel | 2025-04-01 | 4.7 Medium |
| A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs. This flaw may cause a NULL pointer dereference. | ||||