Total
6021 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-50264 | 1 Linux | 1 Linux Kernel | 2025-10-15 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. This issue is resolved by initializing vsk->trans to NULL. | |||||
| CVE-2025-61864 | 2025-10-14 | N/A | 7.8 HIGH | ||
| A use after free vulnerability exists in VS6ComFile!load_link_inf of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | |||||
| CVE-2025-23280 | 2025-10-14 | N/A | 7.0 HIGH | ||
| NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. | |||||
| CVE-2025-52885 | 2025-10-14 | N/A | N/A | ||
| Poppler ia a library for rendering PDF files, and examining or modifying their structure. A use-after-free (write) vulnerability has been detected in versions Poppler prior to 25.10.0 within the StructTreeRoot class. The issue arises from the use of raw pointers to elements of a `std::vector`, which can lead to dangling pointers when the vector is resized. The vulnerability stems from the way that refToParentMap stores references to `std::vector` elements using raw pointers. These pointers may become invalid when the vector is resized. This vulnerability is a common security problem involving the use of raw pointers to `std::vectors`. Internally, `std::vector `stores its elements in a dynamically allocated array. When the array reaches its capacity and a new element is added, the vector reallocates a larger block of memory and moves all the existing elements to the new location. At this point if any pointers to elements are stored before a resize occurs, they become dangling pointers once the reallocation happens. Version 25.10.0 contains a patch for the issue. | |||||
| CVE-2025-55684 | 2025-10-14 | N/A | 7.0 HIGH | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-55688 | 2025-10-14 | N/A | 7.0 HIGH | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-58718 | 2025-10-14 | N/A | 8.8 HIGH | ||
| Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-58719 | 2025-10-14 | N/A | 4.7 MEDIUM | ||
| Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-59189 | 2025-10-14 | N/A | 7.4 HIGH | ||
| Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-59234 | 2025-10-14 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-55335 | 2025-10-14 | N/A | 7.4 HIGH | ||
| Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-55693 | 2025-10-14 | N/A | 7.4 HIGH | ||
| Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-55685 | 2025-10-14 | N/A | 7.0 HIGH | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-59282 | 2025-10-14 | N/A | 7.0 HIGH | ||
| Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-55326 | 2025-10-14 | N/A | 7.5 HIGH | ||
| Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-55687 | 2025-10-14 | N/A | 7.4 HIGH | ||
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS) allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-59195 | 2025-10-14 | N/A | 7.0 HIGH | ||
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to deny service locally. | |||||
| CVE-2025-55331 | 2025-10-14 | N/A | 7.0 HIGH | ||
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-59236 | 2025-10-14 | N/A | 8.4 HIGH | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-59196 | 2025-10-14 | N/A | 7.0 HIGH | ||
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | |||||