Total
6241 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-30035 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-03 | 7.8 High |
Windows DWM Core Library Elevation of Privilege Vulnerability | ||||
CVE-2024-30032 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-05-03 | 7.8 High |
Windows DWM Core Library Elevation of Privilege Vulnerability | ||||
CVE-2024-30031 | 1 Microsoft | 16 Windows, Windows 10 1507, Windows 10 1607 and 13 more | 2025-05-03 | 7.8 High |
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | ||||
CVE-2024-30028 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 7.8 High |
Win32k Elevation of Privilege Vulnerability | ||||
CVE-2024-30006 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 8.8 High |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
CVE-2022-45343 | 1 Gpac | 1 Gpac | 2025-05-02 | 7.8 High |
GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c. | ||||
CVE-2022-32607 | 2 Google, Mediatek | 49 Android, Mt6580, Mt6739 and 46 more | 2025-05-02 | 6.7 Medium |
In aee, there is a possible use after free due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202891; Issue ID: ALPS07202891. | ||||
CVE-2021-39432 | 1 Diplib | 1 Diplib | 2025-05-02 | 6.5 Medium |
diplib v3.0.0 is vulnerable to Double Free. | ||||
CVE-2023-39434 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-05-02 | 8.8 High |
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. | ||||
CVE-2025-27365 | 1 Ibm | 1 Mq Operator | 2025-05-02 | 6.5 Medium |
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, and MQ Operator SC2 3.2.0 through 3.2.10 Client connecting to a MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it. | ||||
CVE-2023-5175 | 1 Mozilla | 1 Firefox | 2025-05-01 | 9.8 Critical |
During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118. | ||||
CVE-2023-5472 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-01 | 8.8 High |
Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2023-5476 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-05-01 | 8.8 High |
Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
CVE-2023-5172 | 1 Mozilla | 1 Firefox | 2025-05-01 | 9.8 Critical |
A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118. | ||||
CVE-2022-44547 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability. | ||||
CVE-2022-20447 | 1 Google | 1 Android | 2025-05-01 | 6.5 Medium |
In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233604485 | ||||
CVE-2022-44550 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-01 | 7.5 High |
The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability. | ||||
CVE-2024-25767 | 1 Emqx | 1 Nanomq | 2025-05-01 | 6.5 Medium |
nanomq 0.21.2 contains a Use-After-Free vulnerability in /nanomq/nng/src/core/socket.c. | ||||
CVE-2024-36844 | 1 Libmodbus | 1 Libmodbus | 2025-05-01 | 7.5 High |
libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server. | ||||
CVE-2025-24252 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-01 | 9.8 Critical |
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory. |