Total
6052 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-58719 | 2025-10-14 | N/A | 4.7 MEDIUM | ||
| Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-59189 | 2025-10-14 | N/A | 7.4 HIGH | ||
| Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-58728 | 2025-10-14 | N/A | 7.8 HIGH | ||
| Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-47354 | 2025-10-09 | N/A | 7.8 HIGH | ||
| Memory corruption while allocating buffers in DSP service. | |||||
| CVE-2025-5100 | 1 Dynamixsoftware | 1 Printershare | 2025-10-08 | N/A | 8.0 HIGH |
| A double-free condition occurs during the cleanup of temporary image files, which can be exploited to achieve memory corruption and potentially arbitrary code execution. | |||||
| CVE-2024-42326 | 1 Zabbix | 1 Zabbix | 2025-10-08 | N/A | 4.4 MEDIUM |
| There was discovered a use after free bug in browser.c in the es_browser_get_variant function | |||||
| CVE-2024-42112 | 1 Linux | 1 Linux Kernel | 2025-10-07 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: net: txgbe: free isb resources at the right time When using MSI/INTx interrupt, the shared interrupts are still being handled in the device remove routine, before free IRQs. So isb memory is still read after it is freed. Thus move wx_free_isb_resources() from txgbe_close() to txgbe_remove(). And fix the improper isb free action in txgbe_open() error handling path. | |||||
| CVE-2025-61692 | 1 Keyence | 1 Vt Studio | 2025-10-07 | N/A | 7.8 HIGH |
| VT STUDIO versions 8.53 and prior contain a use after free vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product. | |||||
| CVE-2024-45544 | 1 Qualcomm | 88 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 85 more | 2025-10-06 | N/A | 6.6 MEDIUM |
| Memory corruption while processing IOCTL calls to add route entry in the HW. | |||||
| CVE-2024-45540 | 1 Qualcomm | 136 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 133 more | 2025-10-06 | N/A | 6.6 MEDIUM |
| Memory corruption while invoking IOCTL map buffer request from userspace. | |||||
| CVE-2024-43066 | 1 Qualcomm | 196 Csrb31024, Csrb31024 Firmware, Fastconnect 6200 and 193 more | 2025-10-06 | N/A | 7.8 HIGH |
| Memory corruption while handling file descriptor during listener registration/de-registration. | |||||
| CVE-2024-49848 | 1 Qualcomm | 294 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 291 more | 2025-10-06 | N/A | 6.7 MEDIUM |
| Memory corruption while processing multiple IOCTL calls from HLOS to DSP. | |||||
| CVE-2025-9385 | 1 Broadcom | 1 Tcpreplay | 2025-10-06 | 4.3 MEDIUM | 5.3 MEDIUM |
| A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component. | |||||
| CVE-2025-9386 | 1 Broadcom | 1 Tcpreplay | 2025-10-06 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.2-beta3 is sufficient to resolve this issue. You should upgrade the affected component. | |||||
| CVE-2025-11234 | 2025-10-06 | N/A | 7.5 HIGH | ||
| A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication. | |||||
| CVE-2025-10729 | 2025-10-06 | N/A | N/A | ||
| The module will parse a <pattern> node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free. | |||||
| CVE-2024-23365 | 1 Qualcomm | 96 Fastconnect 7800, Fastconnect 7800 Firmware, Qam8255p and 93 more | 2025-10-03 | N/A | 8.4 HIGH |
| Memory corruption while releasing shared resources in MinkSocket listener thread. | |||||
| CVE-2024-38629 | 1 Linux | 1 Linux Kernel | 2025-10-03 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Avoid unnecessary destruction of file_ida file_ida is allocated during cdev open and is freed accordingly during cdev release. This sequence is guaranteed by driver file operations. Therefore, there is no need to destroy an already empty file_ida when the WQ cdev is removed. Worse, ida_free() in cdev release may happen after destruction of file_ida per WQ cdev. This can lead to accessing an id in file_ida after it has been destroyed, resulting in a kernel panic. Remove ida_destroy(&file_ida) to address these issues. | |||||
| CVE-2024-45434 | 1 Opensynergy | 1 Blue Sdk | 2025-10-02 | N/A | 9.8 CRITICAL |
| OpenSynergy BlueSDK (aka Blue SDK) through 6.x has a Use-After-Free. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of validating the existence of an object before performing operations on the object (aka use after free). An attacker can leverage this to achieve remote code execution in the context of a user account under which the Bluetooth process runs. | |||||
| CVE-2025-53802 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 22h2 and 5 more | 2025-10-02 | N/A | 7.0 HIGH |
| Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | |||||