Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-49470

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-26 Feb, 2025 | 02:13
Updated At-04 May, 2025 | 08:38
Rejected At-
Credits

Bluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event We should not access skb buffer data anymore after hci_recv_frame was called. [ 39.634809] BUG: KASAN: use-after-free in btmtksdio_recv_event+0x1b0 [ 39.634855] Read of size 1 at addr ffffff80cf28a60d by task kworker [ 39.634962] Call trace: [ 39.634974] dump_backtrace+0x0/0x3b8 [ 39.634999] show_stack+0x20/0x2c [ 39.635016] dump_stack_lvl+0x60/0x78 [ 39.635040] print_address_description+0x70/0x2f0 [ 39.635062] kasan_report+0x154/0x194 [ 39.635079] __asan_report_load1_noabort+0x44/0x50 [ 39.635099] btmtksdio_recv_event+0x1b0/0x1c4 [ 39.635129] btmtksdio_txrx_work+0x6cc/0xac4 [ 39.635157] process_one_work+0x560/0xc5c [ 39.635177] worker_thread+0x7ec/0xcc0 [ 39.635195] kthread+0x2d0/0x3d0 [ 39.635215] ret_from_fork+0x10/0x20 [ 39.635247] Allocated by task 0: [ 39.635260] (stack is not available) [ 39.635281] Freed by task 2392: [ 39.635295] kasan_save_stack+0x38/0x68 [ 39.635319] kasan_set_track+0x28/0x3c [ 39.635338] kasan_set_free_info+0x28/0x4c [ 39.635357] ____kasan_slab_free+0x104/0x150 [ 39.635374] __kasan_slab_free+0x18/0x28 [ 39.635391] slab_free_freelist_hook+0x114/0x248 [ 39.635410] kfree+0xf8/0x2b4 [ 39.635427] skb_free_head+0x58/0x98 [ 39.635447] skb_release_data+0x2f4/0x410 [ 39.635464] skb_release_all+0x50/0x60 [ 39.635481] kfree_skb+0xc8/0x25c [ 39.635498] hci_event_packet+0x894/0xca4 [bluetooth] [ 39.635721] hci_rx_work+0x1c8/0x68c [bluetooth] [ 39.635925] process_one_work+0x560/0xc5c [ 39.635951] worker_thread+0x7ec/0xcc0 [ 39.635970] kthread+0x2d0/0x3d0 [ 39.635990] ret_from_fork+0x10/0x20 [ 39.636021] The buggy address belongs to the object at ffffff80cf28a600 which belongs to the cache kmalloc-512 of size 512 [ 39.636039] The buggy address is located 13 bytes inside of 512-byte region [ffffff80cf28a600, ffffff80cf28a800)

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:26 Feb, 2025 | 02:13
Updated At:04 May, 2025 | 08:38
Rejected At:
▼CVE Numbering Authority (CNA)
Bluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event We should not access skb buffer data anymore after hci_recv_frame was called. [ 39.634809] BUG: KASAN: use-after-free in btmtksdio_recv_event+0x1b0 [ 39.634855] Read of size 1 at addr ffffff80cf28a60d by task kworker [ 39.634962] Call trace: [ 39.634974] dump_backtrace+0x0/0x3b8 [ 39.634999] show_stack+0x20/0x2c [ 39.635016] dump_stack_lvl+0x60/0x78 [ 39.635040] print_address_description+0x70/0x2f0 [ 39.635062] kasan_report+0x154/0x194 [ 39.635079] __asan_report_load1_noabort+0x44/0x50 [ 39.635099] btmtksdio_recv_event+0x1b0/0x1c4 [ 39.635129] btmtksdio_txrx_work+0x6cc/0xac4 [ 39.635157] process_one_work+0x560/0xc5c [ 39.635177] worker_thread+0x7ec/0xcc0 [ 39.635195] kthread+0x2d0/0x3d0 [ 39.635215] ret_from_fork+0x10/0x20 [ 39.635247] Allocated by task 0: [ 39.635260] (stack is not available) [ 39.635281] Freed by task 2392: [ 39.635295] kasan_save_stack+0x38/0x68 [ 39.635319] kasan_set_track+0x28/0x3c [ 39.635338] kasan_set_free_info+0x28/0x4c [ 39.635357] ____kasan_slab_free+0x104/0x150 [ 39.635374] __kasan_slab_free+0x18/0x28 [ 39.635391] slab_free_freelist_hook+0x114/0x248 [ 39.635410] kfree+0xf8/0x2b4 [ 39.635427] skb_free_head+0x58/0x98 [ 39.635447] skb_release_data+0x2f4/0x410 [ 39.635464] skb_release_all+0x50/0x60 [ 39.635481] kfree_skb+0xc8/0x25c [ 39.635498] hci_event_packet+0x894/0xca4 [bluetooth] [ 39.635721] hci_rx_work+0x1c8/0x68c [bluetooth] [ 39.635925] process_one_work+0x560/0xc5c [ 39.635951] worker_thread+0x7ec/0xcc0 [ 39.635970] kthread+0x2d0/0x3d0 [ 39.635990] ret_from_fork+0x10/0x20 [ 39.636021] The buggy address belongs to the object at ffffff80cf28a600 which belongs to the cache kmalloc-512 of size 512 [ 39.636039] The buggy address is located 13 bytes inside of 512-byte region [ffffff80cf28a600, ffffff80cf28a800)

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/bluetooth/btmtksdio.c
Default Status
unaffected
Versions
Affected
  • From 9aebfd4a2200ab8075e44379c758bccefdc589bb before b3cec8a42fcd11d05313c724f27e01b1db77522c (git)
  • From 9aebfd4a2200ab8075e44379c758bccefdc589bb before 02ba31e09a26e8cd4582ac8e6163d80284997727 (git)
  • From 9aebfd4a2200ab8075e44379c758bccefdc589bb before 01c6a899fa6be4f4cbf60c4f44f0f6691155415f (git)
  • From 9aebfd4a2200ab8075e44379c758bccefdc589bb before 0fab6361c4ba17d1b43a991bef4238a3c1754d35 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/bluetooth/btmtksdio.c
Default Status
affected
Versions
Affected
  • 5.2
Unaffected
  • From 0 before 5.2 (semver)
  • From 5.15.54 through 5.15.* (semver)
  • From 5.17.14 through 5.17.* (semver)
  • From 5.18.3 through 5.18.* (semver)
  • From 5.19 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/b3cec8a42fcd11d05313c724f27e01b1db77522c
N/A
https://git.kernel.org/stable/c/02ba31e09a26e8cd4582ac8e6163d80284997727
N/A
https://git.kernel.org/stable/c/01c6a899fa6be4f4cbf60c4f44f0f6691155415f
N/A
https://git.kernel.org/stable/c/0fab6361c4ba17d1b43a991bef4238a3c1754d35
N/A
Hyperlink: https://git.kernel.org/stable/c/b3cec8a42fcd11d05313c724f27e01b1db77522c
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/02ba31e09a26e8cd4582ac8e6163d80284997727
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/01c6a899fa6be4f4cbf60c4f44f0f6691155415f
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/0fab6361c4ba17d1b43a991bef4238a3c1754d35
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:26 Feb, 2025 | 07:01
Updated At:24 Mar, 2025 | 19:58

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event We should not access skb buffer data anymore after hci_recv_frame was called. [ 39.634809] BUG: KASAN: use-after-free in btmtksdio_recv_event+0x1b0 [ 39.634855] Read of size 1 at addr ffffff80cf28a60d by task kworker [ 39.634962] Call trace: [ 39.634974] dump_backtrace+0x0/0x3b8 [ 39.634999] show_stack+0x20/0x2c [ 39.635016] dump_stack_lvl+0x60/0x78 [ 39.635040] print_address_description+0x70/0x2f0 [ 39.635062] kasan_report+0x154/0x194 [ 39.635079] __asan_report_load1_noabort+0x44/0x50 [ 39.635099] btmtksdio_recv_event+0x1b0/0x1c4 [ 39.635129] btmtksdio_txrx_work+0x6cc/0xac4 [ 39.635157] process_one_work+0x560/0xc5c [ 39.635177] worker_thread+0x7ec/0xcc0 [ 39.635195] kthread+0x2d0/0x3d0 [ 39.635215] ret_from_fork+0x10/0x20 [ 39.635247] Allocated by task 0: [ 39.635260] (stack is not available) [ 39.635281] Freed by task 2392: [ 39.635295] kasan_save_stack+0x38/0x68 [ 39.635319] kasan_set_track+0x28/0x3c [ 39.635338] kasan_set_free_info+0x28/0x4c [ 39.635357] ____kasan_slab_free+0x104/0x150 [ 39.635374] __kasan_slab_free+0x18/0x28 [ 39.635391] slab_free_freelist_hook+0x114/0x248 [ 39.635410] kfree+0xf8/0x2b4 [ 39.635427] skb_free_head+0x58/0x98 [ 39.635447] skb_release_data+0x2f4/0x410 [ 39.635464] skb_release_all+0x50/0x60 [ 39.635481] kfree_skb+0xc8/0x25c [ 39.635498] hci_event_packet+0x894/0xca4 [bluetooth] [ 39.635721] hci_rx_work+0x1c8/0x68c [bluetooth] [ 39.635925] process_one_work+0x560/0xc5c [ 39.635951] worker_thread+0x7ec/0xcc0 [ 39.635970] kthread+0x2d0/0x3d0 [ 39.635990] ret_from_fork+0x10/0x20 [ 39.636021] The buggy address belongs to the object at ffffff80cf28a600 which belongs to the cache kmalloc-512 of size 512 [ 39.636039] The buggy address is located 13 bytes inside of 512-byte region [ffffff80cf28a600, ffffff80cf28a800)

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.2(inclusive) to 5.15.54(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.16(inclusive) to 5.17.14(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.18(inclusive) to 5.18.3(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-416
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/01c6a899fa6be4f4cbf60c4f44f0f6691155415f416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/02ba31e09a26e8cd4582ac8e6163d80284997727416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/0fab6361c4ba17d1b43a991bef4238a3c1754d35416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/b3cec8a42fcd11d05313c724f27e01b1db77522c416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Hyperlink: https://git.kernel.org/stable/c/01c6a899fa6be4f4cbf60c4f44f0f6691155415f
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/02ba31e09a26e8cd4582ac8e6163d80284997727
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/0fab6361c4ba17d1b43a991bef4238a3c1754d35
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/b3cec8a42fcd11d05313c724f27e01b1db77522c
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

3188Records found
CVE-2023-23421
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.33% / 55.31%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-01 Jan, 2025 | 00:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_11_21h2windows_10_22h2windows_server_2022windows_10windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2023-22383
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:03
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera

Memory Corruption in camera while installing a fd for a particular DMA buffer.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gsnapdragon_865_5g_mobile_platform_firmwareqcs8155_firmwarec-v2x_9150_firmwaresa6155p_firmwareqam8295p_firmwaresd855qcs610_firmwaresxr2130_firmwarewcd9370wsa8830_firmwareqca6696snapdragon_870_5g_mobile_platform_firmwareqca6436_firmwarewcd9341_firmwaresnapdragon_wear_4100\+_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwarewcn3610_firmwareqca6426snapdragon_855\+\/860_mobile_platform_firmwarefastconnect_6700wcn3610qca6420snapdragon_865\+_5g_mobile_platform_firmwareqcn9074qca6430wsa8815_firmwaresa8195p_firmwarewcd9370_firmwareqca8337_firmwaresdx55_firmwareqca8337qca6426_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660bsxr2130qca6574au_firmwaresa8195pqam8295pwcd9341qca6574ausnapdragon_855_mobile_platformwcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformsnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwarewcn3988qcs6490_firmwaresd855_firmwarewcn3980_firmwarewcn3660b_firmwareqca6436wsa8835qca6391_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformsw5100p_firmwarefastconnect_6800_firmwaresa8295p_firmwareqca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwaresa6150pqcs410sa8155p_firmwarewsa8815wcn3680b_firmwarevideo_collaboration_vc1_platform_firmwaresa8155pwsa8830c-v2x_9150sa6145pqcn9074_firmwaresw5100_firmwaresdx55qsm8250_firmwarefastconnect_6800fastconnect_6900qca6391video_collaboration_vc1_platformwcn3950_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwaresa8295pwcd9380sa6145p_firmwarefastconnect_6200wcn3680bsa8145p_firmwaresnapdragon_xr2_5g_platform_firmwaresd865_5g_firmwaresa8150pqcs8155sa8150p_firmwaresnapdragon_855\+\/860_mobile_platformsnapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwaresa6155pfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_wear_4100\+_platformwsa8835_firmwarewsa8810qcs6490wcn3980snapdragon_865\+_5g_mobile_platformqsm8250fastconnect_6200_firmwaresw5100video_collaboration_vc3_platformaqt1000qcs610Snapdragon
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21724
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.47%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft DWM Core Library Elevation of Privilege Vulnerability

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_11_22h2windows_11_21h2windows_10_22h2windows_10_20h2windows_server_2022Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 20H2
CWE ID-CWE-416
Use After Free
CVE-2023-21822
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.93% / 75.92%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 19:33
Updated-28 Feb, 2025 | 21:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_11_21h2windows_10_22h2windows_server_2022windows_10windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-416
Use After Free
CVE-2023-21773
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.01% / 83.53%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-20971
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.3||HIGH
EPSS-0.01% / 0.62%
||
7 Day CHG~0.00%
Published-09 Jan, 2026 | 06:16
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-androidSamsung Mobile Devices
CWE ID-CWE-416
Use After Free
CVE-2026-20859
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.29%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 17:56
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2025windows_11_25h2windows_11_24h2Windows Server 2025Windows 11 Version 25H2Windows Server 2025 (Server Core installation)Windows 11 Version 24H2
CWE ID-CWE-416
Use After Free
CVE-2026-20871
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.04%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 17:57
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Desktop Window Manager Elevation of Privilege Vulnerability

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_22h2windows_server_2022_23h2windows_server_2025windows_server_2022windows_11_24h2windows_11_23h2windows_11_25h2Windows 11 Version 25H2Windows 10 Version 21H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2022-42332
Matching Score-4
Assigner-Xen Project
ShareView Details
Matching Score-4
Assigner-Xen Project
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.61%
||
7 Day CHG~0.00%
Published-21 Mar, 2023 | 00:00
Updated-13 Feb, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tables as well as auxiliary data structures. To migrate or snapshot guests, Xen additionally runs them in so called log-dirty mode. The data structures needed by the log-dirty tracking are part of aformentioned auxiliary data. In order to keep error handling efforts within reasonable bounds, for operations which may require memory allocations shadow mode logic ensures up front that enough memory is available for the worst case requirements. Unfortunately, while page table memory is properly accounted for on the code path requiring the potential establishing of new shadows, demands by the log-dirty infrastructure were not taken into consideration. As a result, just established shadow page tables could be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated.

Action-Not Available
Vendor-Debian GNU/LinuxXen ProjectFedora Project
Product-xendebian_linuxfedoraxen
CWE ID-CWE-416
Use After Free
CVE-2026-20920
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.29%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 17:56
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_11_23h2windows_server_2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows 11 version 22H3Windows Server 2022
CWE ID-CWE-416
Use After Free
CVE-2026-20870
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.29%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 17:56
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2025windows_11_25h2windows_11_24h2Windows Server 2025Windows 11 Version 25H2Windows Server 2025 (Server Core installation)Windows 11 Version 24H2
CWE ID-CWE-416
Use After Free
CVE-2026-20411
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.00% / 0.06%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 08:15
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5737.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8365mt8793mt6895mt6897mt8195mt8390mt6989androidmt6881mt8395mt6991mt8188mt6983mt6993mt6878mt8666mt8370mt6985mt8168mt6886mt8673mt8676mt6879mt8667mt6899MT6878, MT6879, MT6881, MT6886, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT6993, MT8168, MT8188, MT8195, MT8365, MT8370, MT8390, MT8395, MT8666, MT8667, MT8673, MT8676, MT8793
CWE ID-CWE-416
Use After Free
CVE-2023-21756
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.50%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32k Elevation of Privilege Vulnerability

Windows Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2016-1573
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-4.8||MEDIUM
EPSS-0.09% / 24.89%
||
7 Day CHG~0.00%
Published-22 Apr, 2019 | 15:35
Updated-16 Sep, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Using a specially crafted fallback art property, scopes can execute arbitrary QML code in context of unity8-dash

Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.

Action-Not Available
Vendor-ubportsUbuntu
Product-unity8Unity8
CWE ID-CWE-416
Use After Free
CVE-2023-22436
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.37%
||
7 Day CHG~0.00%
Published-10 Mar, 2023 | 10:44
Updated-04 Mar, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The kernel subsystem function check_permission_for_set_tokenid has an UAF vulnerability.

The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-416
Use After Free
CVE-2024-47892
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-13 Dec, 2024 | 17:35
Updated-16 Dec, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - UAF of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA)

Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-49074
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.82%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2019windows_10_22h2Windows 10 Version 22H2Windows 10 Version 1809Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 21H2
CWE ID-CWE-416
Use After Free
CVE-2021-40449
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-91.30% / 99.65%
||
7 Day CHG~0.00%
Published-13 Oct, 2021 | 00:26
Updated-30 Oct, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-01||Apply updates per vendor instructions.
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_11_21h2windows_server_2012windows_11windows_server_2022windows_rt_8.1windows_8.1windows_10_2004windows_server_20h2windows_10_1507windows_10_1909windows_server_2008windows_10_21h1windows_server_2004windows_10_1607windows_10_1809windows_server_2019windows_10_20h2windows_server_2016Windows 11 version 21H2Windows 10 Version 2004Windows Server 2016 (Server Core installation)Windows Server 2012Windows 8.1Windows Server 2008 Service Pack 2Windows Server 2019 (Server Core installation)Windows 7Windows 10 Version 21H1Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1909Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows Server 2008 Service Pack 2Windows 7 Service Pack 1Windows Server 2012 R2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 10 Version 20H2Windows Server 2008 R2 Service Pack 1Windows Server 2016Windows Server version 20H2Windows Server version 2004Windows
CWE ID-CWE-416
Use After Free
CVE-2024-47899
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.30%
||
7 Day CHG~0.00%
Published-31 Jan, 2025 | 03:17
Updated-18 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - PVRSRVDeviceServicesOpen use-after-free condition

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CVE-2024-47898
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.30%
||
7 Day CHG~0.00%
Published-31 Jan, 2025 | 03:14
Updated-20 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - PVRSRVDeviceSyncOpen use-after-free condition

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CVE-2024-47891
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.17%
||
7 Day CHG~0.00%
Published-31 Jan, 2025 | 03:11
Updated-18 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - Exploitable double free on PTL_STREAM_DESC object in the kernel function TLServerCloseStreamKM due to a race condition

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CVE-2023-21747
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.41% / 61.22%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2020-12303
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.84%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_and_manageability_enginetrusted_execution_technologyIntel(R) CSME, Intel(R) TXE
CWE ID-CWE-416
Use After Free
CVE-2024-46973
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.70%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 04:56
Updated-28 Dec, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Exploitable kernel use-after-free on psServerMMUContext due to reference count mismanagement

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CVE-2024-47033
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.4||HIGH
EPSS-0.03% / 10.06%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In lwis_allocator_free of lwis_allocator.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-416
Use After Free
CVE-2024-45566
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:31
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Driver

Memory corruption during concurrent buffer access due to modification of the reference count.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresd865_5g_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewsa8835wsa8810snapdragon_xr2_5g_firmwaresnapdragon_865\+_5g_mobileqca6426sdm429w_firmwarewsa8830wsa8835_firmwaresnapdragon_8_gen_1_mobile_firmwarewsa8815_firmwaresnapdragon_865_5g_mobilesd865_5gsnapdragon_x55_5g_modem-rf_system_firmwaresxr2130wcn3620_firmwarewsa8810_firmwarefastconnect_6800qca6426_firmwareqca6391snapdragon_870_5g_mobilewcn3620snapdragon_x55_5g_modem-rf_systemwsa8830_firmwarewcd9380snapdragon_865_5g_mobile_firmwarefastconnect_6800_firmwaresnapdragon_429_mobilewsa8815qca6436_firmwareqca6436snapdragon_xr2_5gfastconnect_6900sdm429wsnapdragon_865\+_5g_mobile_firmwarefastconnect_6900_firmwaresnapdragon_8_gen_1_mobilesnapdragon_870_5g_mobile_firmwarefastconnect_7800wcn3660b_firmwaresxr2130_firmwareqca6391_firmwarewcn3660bSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45567
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Driver

Memory corruption while encoding JPEG format.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewcn3620_firmwarewcd9385wsa8835sxr2230p_firmwarewcn3660bwcd9385_firmwaresxr2230pwcn3620sdm429w_firmwarewsa8830wsa8830_firmwarewsa8835_firmwaresxr2250p_firmwarewcd9380snapdragon_8_gen_1_mobile_firmwaresnapdragon_429_mobilefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilewsa8832_firmwarewsa8832wcn3660b_firmwarefastconnect_7800sxr2250pSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45562
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:31
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption during concurrent access to server info object due to unprotected critical field.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6678aq_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsdm429w_firmwaresw5100pqcs610_firmwarewcd9335sxr2130_firmwarewcd9370qca6678aqqca6696wcd9340_firmwaresa8530pwcd9341_firmwareqca6320sa4150p_firmwareqca6426qca6564auqcn9074sa4150pwsa8815_firmwaresa8195p_firmwareqca6426_firmwareqca9377_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausnapdragon_820_automotivesnapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwaresnapdragon_870_5g_mobile_firmwaresa9000p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3660b_firmwaresnapdragon_820_automotive_firmwarefastconnect_6800_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesd835_firmwaresa4155p_firmwarevideo_collaboration_vc1_platform_firmwaresa4155pc-v2x_9150qca6320_firmwaresnapdragon_xr2_5g_firmwaresw5100_firmwaresa8540pqca6310_firmwareqsm8250_firmwarefastconnect_6800fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsnapdragon_865_5g_mobile_firmwarewcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqca6310wcd9380sa6145p_firmwaresnapdragon_xr2_5gsnapdragon_8_gen_1_mobile_firmwaresa8150pmsm8996au_firmwaresa6155pqca6564au_firmwaresnapdragon_429_mobile_firmwarewsa8810qsm8250sa9000psw5100snapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformqca6595ausnapdragon_888_5g_mobilec-v2x_9150_firmwaresa6155p_firmwareqca6688aqqam8295p_firmwaresd835wcn3990_firmwareqca6564a_firmwareqca6436_firmwareqca6698aq_firmwaresnapdragon_888\+_5g_mobilewcd9385mdm9650_firmwaresnapdragon_8_gen_1_mobileqca9367_firmwaresnapdragon_865\+_5g_mobilewcd9370_firmwaremdm9650qca9367sdx55_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asxr2130wcn3620_firmwareqca6174asa8195pwcd9340snapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwaresa8540p_firmwaresnapdragon_835_mobile_pc_firmwarewcn3988sdm429wwcd9335_firmwarewcn3980_firmwareqca6436wsa8835qca6595au_firmwareqca6391_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwarewsa8815qca6564asa8155pwsa8830qca9377sa6145pqcn9074_firmwareqca6574a_firmwaresdx55msm8996ausnapdragon_865_5g_mobilewcn3620snapdragon_835_mobile_pcqca6391snapdragon_865\+_5g_mobile_firmwaresnapdragon_429_mobileqca6698aqwcn3950_firmwaresa8530p_firmwaresa8295pfastconnect_7800sa8145p_firmwarewcn3680bsd865_5g_firmwareqca6688aq_firmwaresa8150p_firmwarewcn3988_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990wsa8835_firmwarewcn3980wsa8830_firmwarewcn3680b_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45561
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Windows WLAN Host

Memory corruption while handling IOCTL call from user-space to set latency level.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840sdm429wsc8380xp_firmwarewsa8845h_firmwareqca6420wcn3620_firmwarewsa8845wcd9380_firmwareqca6391_firmwaresc8180x-ad_firmwareqca6391wcn3660bsdm429w_firmwareqca6430wsa8845_firmwarewcd9340_firmwaresc8180x-acafsnapdragon_429_mobile_firmwarewsa8835wsa8845haqt1000_firmwarefastconnect_7800wcd9341_firmwareqcc2076_firmwarewcd9340wcd9341sc8180x-aaab_firmwareqcc2076fastconnect_6900fastconnect_6800snapdragon_7c\+_gen_3_computesnapdragon_429_mobilefastconnect_6700qcc2073snapdragon_7c\+_gen_3_compute_firmwarewsa8810_firmwarewcd9385_firmwarewsa8810fastconnect_6700_firmwaresc8180x-adqcc2073_firmwaresc8280xp-abbb_firmwaresc8180x-aaabqca6420_firmwarewsa8815fastconnect_6200_firmwareqca6430_firmwarewcd9380wsa8830wsa8815_firmwarefastconnect_6200wsa8830_firmwarewcn3620fastconnect_6900_firmwaresc8180x-acaf_firmwaresc8380xpaqt1000fastconnect_6800_firmwarewcd9385wsa8840_firmwarewcn3660b_firmwarewsa8835_firmwaresc8280xp-abbbSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-416
Use After Free
CVE-2024-45553
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.05%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 10:33
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Services

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresw5100pwcn6650qca6595wcd9370qca8081_firmwareqca6696qam8620p_firmwarewcd9340_firmwarewcd9395_firmwarewcn7881_firmwarewcn6450qcc710_firmwaresnapdragon_8\+_gen_1_mobilefastconnect_6700snapdragon_685_4g_mobilewsa8832_firmwareqca8337qdu1110wcd9395qca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pqca6574auwcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hsa8770pssg2115pqcc710fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqru1032_firmwareqep8111sa7255psm8635qfw7114wcd9385_firmwareqam8255p_firmwareqcs4490snapdragon_680_4g_mobilewsa8845sa6155pwsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwareqca6595ausxr2250p_firmwareqdu1010snapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresnapdragon_4_gen_2_mobile_firmwaresnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresm8635psnapdragon_460_mobilesnapdragon_8_gen_2_mobilewcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobilesnapdragon_x72_5g_modem-rf_firmwareqca6174asa8195pwcd9340qcs8250_firmwareqdu1210talynplussnapdragon_auto_5g_modem-rf_gen_2sm8550p_firmwaresxr2250pwcn3988snapdragon_662_mobilesa8775pqca6574sxr2230p_firmwaresa8775p_firmwareqamsrv1hwsa8845hsa8155p_firmwaresa8155pwsa8830sm8550psm7675_firmwaresa8255p_firmwarear8035qamsrv1m_firmwaresm7635_firmwaresnapdragon_4_gen_2_mobilesa8650p_firmwarewcn6450_firmwareqcm4325srv1l_firmwareqcn6224qca6698aqwcn3950_firmwaresa7775p_firmwaresm7635qrb5165nssg2125p_firmwaresnapdragon_480\+_5g_mobilefastconnect_6200wcd9378snapdragon_480_5g_mobile_firmwaresm8635p_firmwareqdx1011fastconnect_6700_firmwaresnapdragon_x75_5g_modem-rf_firmwaresnapdragon_8_gen_3_mobileqcs8250snapdragon_695_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqcn6224_firmwarewsa8845_firmwarewsa8832wcd9378_firmwaresnapdragon_480_5g_mobilesrv1lsm7675psrv1msnapdragon_x35_5g_modem-rfar8035_firmwaresm4635wsa8815_firmwaresa8195p_firmwareqca8337_firmwaresm4635_firmwareqcm4490_firmwareqru1032wcn3950flight_rb5_5gqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwaresa8295p_firmwareqca6584auqcn6274_firmwarewcn6755_firmwareqru1062_firmwaresw5100_firmwarewcn6650_firmwareqru1062snapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pwcn6755sxr1230psm6650wcn7881sw5100snapdragon_4_gen_1_mobile_firmwareqca6688aqqam8295p_firmwareqca6698aq_firmwarewcd9385snapdragon_8_gen_1_mobilesnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqep8111_firmwareqdx1011_firmwareflight_rb5_5g_firmwaressg2125pqru1052qcm4490snapdragon_480\+_5g_mobile_firmwareqamsrv1mrobotics_rb5qca6174a_firmwarewcn7861_firmwarewcn7861qam8650p_firmwarevideo_collaboration_vc5_platformsm6650_firmwareqam8620pqca6584au_firmwareqcn6274qrb5165n_firmwareqfw7124wsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815sg4150psd_8_gen1_5gqam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresnapdragon_x75_5g_modem-rfqcm4325_firmwaresa8620pqca6574a_firmwaresnapdragon_4_gen_1_mobilesd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresg4150p_firmwareqru1052_firmwaresa8770p_firmwaresa8295pqcs8550fastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqca6688aq_firmwarewcd9375snapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresm7675snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwaressg2115p_firmwaresm7675p_firmwareqdx1010snapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2026-21251
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.85%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 17:51
Updated-27 Feb, 2026 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cluster Client Failover (CCF) Elevation of Privilege Vulnerability

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2022windows_server_2025windows_server_2022_23h2windows_server_2019Windows Server 2019 (Server Core installation)Windows Server 2019Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-45571
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in WLAN Host Communication

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareipq6000_firmwareqcm6490_firmwareqcn6224_firmwareipq8076acsr8811_firmwareqca6574au_firmwareqcn6132_firmwareqam8775psa8195pqcs615qca6584ausnapdragon_x65_5g_modem-rf_firmwareqca9889_firmwareqcn5152sxr2230pipq6028qcn5022_firmwareqcc710_firmwaresxr2230p_firmwaresm7635_firmwareipq9574_firmwareqca6574ipq9048qcn5164_firmwareipq8070aqxm8083qcm8550qca6698aq_firmwareqcf8000_firmwareqcn5024_firmwareqca9888immersive_home_216qca8075qcn5122_firmwareqcn6412qcn9100ipq8173ipq8071aqcn6402qcf8001ipq8174_firmwareqcn5164qca8082_firmwaresnapdragon_8_gen_3_mobile_firmwareqam8255p_firmwarewcd9375ipq9570_firmwaresm6650qca8085sa6155pvideo_collaboration_vc3_platformqcn5052ipq5010_firmwareipq5028qcn5052_firmwarewsa8830_firmwareqca8081qcn9022immersive_home_316_firmwaresdx65m_firmwarewcd9385wsa8840_firmwareipq6028_firmwareqfw7124_firmwaresxr2250p_firmwarewsa8840qcn6402_firmwareipq8078a_firmwareqfw7124ipq6000qca6696immersive_home_3210_firmwareqca4024qca6595ipq9048_firmwareqca8337sa8155p_firmwareipq8071a_firmwareqam8650pqca8337_firmwareqcn9012ipq9570qcs8300sxr2330pqcf8000sfp_firmwareqcn9012_firmwareqcs5430_firmwareqcn9070_firmwareqcf8000qam8775p_firmwareqcn5154_firmwaresm8635p_firmwareipq8074aqcm5430qcs9100wcd9378sm7675_firmwareqca8085_firmwaresm8750pwsa8835sm8750p_firmwareqcn9024qca8081_firmwareqcn9074qca6797aq_firmwarefastconnect_7800wcd9340ipq8174qcn6112_firmwarewcd9378_firmwareqca6574auqca8084_firmwareqcn9024_firmwaresm6650_firmwareqca6584au_firmwareqca6777aqfastconnect_6700immersive_home_326qca6696_firmwaresnapdragon_x72_5g_modem-rf_firmwareqcs9100_firmwarewsa8832fastconnect_6700_firmwareipq5302wcd9390_firmwareqcn6274qcs615_firmwaresm8635immersive_home_216_firmwareipq5028_firmwareqca6554a_firmwareipq5332qca8082sm8635_firmwareqca6787aqipq6018_firmwareipq8072a_firmwareqcn9000_firmwareipq5300_firmwareqca6574a_firmwareqcf8000sfpqcn6023sdx55_firmwareqca9888_firmwareqca8075_firmwaresm8750_firmwareqxm8083_firmwareipq5332_firmwareipq6010ipq8078_firmwareqca6554aqca9889qcn5124ipq8070a_firmwareipq9554_firmwareqcs8300_firmwareqcs6490qcn6432_firmwaresxr2330p_firmwarewsa8835_firmwareqca8386_firmwarewcn7860qcs5430qca6787aq_firmwareqcn9074_firmwarewcn7881_firmwareqcn9100_firmwareqcs8550_firmwaresdx65mqcm6490ipq5312wcn7881qcn5154ipq9554qcn6274_firmwaresm8750snapdragon_x65_5g_modem-rfqca8084qcn9274_firmwarecsr8811qcn9000wcn6650ipq8173_firmwarewsa8845_firmwareqcn6412_firmwarevideo_collaboration_vc3_platform_firmwareqca6574_firmwareqcm8550_firmwarewcn6755_firmwarear8035wsa8845hipq9008_firmwaresa6155p_firmwarewcn6450_firmwareqcn6122_firmwareqcn6112wcn7880_firmwareipq9008wcd9395_firmwareqcn5122sm7635fastconnect_6900ipq9574qca6574aqcn9160qcn6432wcd9375_firmwarewcd9385_firmwareqam8650p_firmwareqcn9274qcn6422immersive_home_318_firmwareipq8078aqcn5152_firmwareqca6595_firmwaresdx55immersive_home_214snapdragon_x75_5g_modem-rf_firmwarewcd9380ipq5302_firmwareimmersive_home_326_firmwaresa8155pwcn7861_firmwarewsa8832_firmwareimmersive_home_214_firmwarewcn6755qca6564auimmersive_home_318qca6595au_firmwareqcs6490_firmwareipq8072aqcn6224qca6595auqam8255pipq5010ar8035_firmwaresa8195p_firmwaresm7675wsa8845h_firmwareimmersive_home_3210wsa8845wcn6650_firmwarewcd9380_firmwarewcn6450qcn5124_firmwaresm8635pipq8076wcd9370wcd9340_firmwareimmersive_home_316qca8386qca6678aqsnapdragon_x75_5g_modem-rfqca6564au_firmwareqcn6122qcn6132wcn7880qcn6024qca6797aqqca4024_firmwaresm7675pqcn5022qcs8550sxr2250pqcm5430_firmwareqcn5024sm7675p_firmwareipq6010_firmwareqcn6422_firmwareqcn6024_firmwareipq6018ipq8078ipq5300ipq8076_firmwareqcc710ipq5312_firmwareqcf8001_firmwaresnapdragon_8_gen_3_mobilesnapdragon_x72_5g_modem-rfqcn9160_firmwarewcn7861ipq8074a_firmwarewsa8830qcn6023_firmwarewcn7860_firmwareqca6777aq_firmwareqcn9070qca6678aq_firmwareqca6698aqfastconnect_6900_firmwareqcn9022_firmwareqcn9072_firmwareipq8076a_firmwareqfw7114wcd9390wcd9395qfw7114_firmwareqcn9072wcd9370_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-4610
Matching Score-4
Assigner-Arm Limited
ShareView Details
Matching Score-4
Assigner-Arm Limited
CVSS Score-7.4||HIGH
EPSS-0.76% / 73.15%
||
7 Day CHG~0.00%
Published-07 Jun, 2024 | 11:25
Updated-23 Oct, 2025 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-07-03||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

Action-Not Available
Vendor-Arm Limited
Product-valhall_gpu_kernel_driverbifrost_gpu_kernel_driverBifrost GPU Kernel DriverValhall GPU Kernel Drivervalhall_gpu_kernel_driverbifrost_gpu_kernel_driverMali GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2024-45554
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.87%
||
7 Day CHG+0.03%
Published-06 May, 2025 | 08:31
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwaresnapdragon_888\+_5g_mobilewsa8835sw5100psnapdragon_888\+_5g_mobile_firmwarewcd9385_firmwarewcn3988_firmwaresdm429w_firmwarewsa8830wsa8835_firmwaresnapdragon_8_gen_1_mobile_firmwarewcn3980_firmwarewcn3980snapdragon_888_5g_mobile_firmwareqca6174asw5100_firmwarewsa8832_firmwaresw5100sxr2250pwcn3620_firmwarewcd9385sxr2230p_firmwaresxr2230pwcn3620wcn3988qca6174a_firmwaresxr2250p_firmwarewcd9380wsa8830_firmwaresnapdragon_429_mobilesw5100p_firmwarefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilesnapdragon_888_5g_mobilewsa8832wcn3660b_firmwarefastconnect_7800wcn3660bSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45583
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Secure Processor

Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8_gen_3_mobilesnapdragon_8_gen_3_mobile_firmwarewcd9390_firmwarefastconnect_7800_firmwarewcd9395wsa8840wsa8845hwsa8845_firmwarewsa8840_firmwarewsa8845wcd9395_firmwarewsa8845h_firmwarewcd9390fastconnect_7800Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-4607
Matching Score-4
Assigner-Arm Limited
ShareView Details
Matching Score-4
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.17% / 37.72%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 11:33
Updated-30 Sep, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverBifrost GPU Kernel DriverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_driverarm_5th_gen_gpu_architecture_kernel_driver
CWE ID-CWE-416
Use After Free
CVE-2024-45580
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45564
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:31
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption during concurrent access to server info object due to incorrect reference count update.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewcd9341qam8295pqca6696_firmwaresnapdragon_888\+_5g_mobilesw5100pqca6678aqwcd9385_firmwarewcn3988_firmwaresnapdragon_865\+_5g_mobileqca6426sa9000pwsa8835_firmwareqca6678aq_firmwareqam8295p_firmwareqcs610snapdragon_w5\+_gen_1_wearable_firmwareqca6698aq_firmwarewcn3980qca6696sa8540p_firmwarec-v2x_9150_firmwaresnapdragon_888_5g_mobile_firmwareqca6174aqcs410sa6150p_firmwarewcn3620_firmwarewcd9385sa8530pqca6391sa8295pqca6688aq_firmwareqca9377qca6391_firmwareqca6174a_firmwaresnapdragon_x55_5g_modem-rf_systemwcn3620snapdragon_865_5g_mobile_firmwarefastconnect_6800_firmwaresa6155p_firmwaresnapdragon_429_mobilesa8195p_firmwaresw5100p_firmwaresnapdragon_xr2_5gqca6574au_firmwarewcd9370_firmwaresa8155p_firmwarefastconnect_6900sdm429wsnapdragon_865\+_5g_mobile_firmwarec-v2x_9150snapdragon_8_gen_1_mobileqca6595ausnapdragon_870_5g_mobile_firmwaresa8145p_firmwarewcn3680bqca6698aqsnapdragon_888_5g_mobilesa8150psxr2130_firmwarewcn3660bwsa8810wcd9380_firmwaresd865_5g_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_429_mobile_firmwarevideo_collaboration_vc1_platform_firmwarewcd9341_firmwarewsa8835snapdragon_888\+_5g_mobile_firmwareqcn9074_firmwaresnapdragon_xr2_5g_firmwarewcd9370sdm429w_firmwarewsa8830sa9000p_firmwareqca6574auvideo_collaboration_vc3_platformsa6145psa8195psa6150psnapdragon_8_gen_1_mobile_firmwarewsa8815_firmwaresnapdragon_865_5g_mobileqca6595au_firmwareqca9367wcn3980_firmwarewcn3950_firmwaresa8530p_firmwaresa8540psa8295p_firmwaresd865_5gsw5100_firmwarevideo_collaboration_vc3_platform_firmwaresw5100qca6688aqqca9377_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresxr2130wsa8810_firmwarefastconnect_6800qca6426_firmwaresa8150p_firmwareqca9367_firmwaresnapdragon_870_5g_mobilewcn3950wcn3988wcn3680b_firmwarewsa8830_firmwarewcd9380wsa8815qcs610_firmwareqca6436_firmwareqca6436sa6155psa8155psnapdragon_auto_5g_modem-rf_gen_2sa8145pvideo_collaboration_vc1_platformfastconnect_6900_firmwaresa6145p_firmwareqcn9074wcn3660b_firmwarefastconnect_7800qcs410_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-44285
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-8.4||HIGH
EPSS-1.01% / 76.95%
||
7 Day CHG~0.00%
Published-28 Oct, 2024 | 21:08
Updated-03 Nov, 2025 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory.

Action-Not Available
Vendor-Apple Inc.
Product-tvoswatchosipadosvisionosiphone_oswatchOStvOSvisionOSiOS and iPadOStvoswatchosipadosvisionosiphone_os
CWE ID-CWE-416
Use After Free
CVE-2021-0929
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.21%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:05
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-187527909References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2024-43061
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 12:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43556
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.63% / 70.00%
||
7 Day CHG+0.12%
Published-08 Oct, 2024 | 17:36
Updated-30 Oct, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_server_2012windows_server_2008windows_10_21h2windows_11_23h2windows_11_24h2windows_server_2022windows_10_1607windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2019windows_11_21h2windows_server_2016Windows Server 2022Windows 11 Version 24H2Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 11 Version 23H2Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-43062
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 12:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Linux

Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2023-21755
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.71% / 82.11%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 21H2Windows 11 version 22H2Windows 10 Version 1809Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 20H2
CWE ID-CWE-416
Use After Free
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-43509
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.63% / 70.00%
||
7 Day CHG+0.12%
Published-08 Oct, 2024 | 17:35
Updated-08 Jul, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 11 Version 24H2Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 11 Version 23H2Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2023-21255
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.08% / 22.75%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 23:33
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Debian GNU/LinuxGoogle LLC
Product-androiddebian_linuxAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-43059
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 13:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Multimedia

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43047
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-1.75% / 82.33%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:59
Updated-28 Oct, 2025 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-10-29||Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Use After Free in DSP Service

Memory corruption while maintaining memory maps of HLOS memory.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_auto_5g_modem-rfwcn3990_firmwareqca6426_firmwareqcs6490sg4150p_firmwaresnapdragon_865_5g_mobile_firmwaresnapdragon_xr2_5g_firmwaresa8150p_firmwaresnapdragon_660_mobile_firmwarewcd9385sw5100p_firmwaresnapdragon_865_5g_mobilewsa8835_firmwaresnapdragon_680_4g_mobile_firmwarefastconnect_7800_firmwareqca6391_firmwareqca6698aq_firmwarewcd9341_firmwareqca6391sa4150pqca6595sa8145p_firmwaresd660fastconnect_6900qam8295p_firmwarefastconnect_6700qca6436_firmwareqam8295pwsa8830wcd9385_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8830_firmwareqca6688aqsnapdragon_870_5g_mobilesg4150pqcs410snapdragon_x55_5g_modem-rf_firmwarefastconnect_6800_firmwaresnapdragon_xr2_5gqca6584au_firmwaresd660_firmwarewcd9380_firmwareqca6688aq_firmwaresnapdragon_888\+_5g_mobilesnapdragon_auto_5g_modem-rf_firmwaresa8155p_firmwareqca6595au_firmwaresa6155pqca6595auqcs410_firmwaresnapdragon_865\+_5g_mobileqca6426sw5100_firmwareqcs610wcd9370_firmwaresa6150p_firmwaresnapdragon_x55_5g_modem-rffastconnect_6900_firmwaresxr2130sw5100pwsa8810_firmwaresa8150psa4155pqca6174a_firmwaresnapdragon_660_mobilewcn3980_firmwaresnapdragon_685_4g_mobilesnapdragon_888\+_5g_mobile_firmwareqcs610_firmwarewsa8810qca6595_firmwareqca6574au_firmwarewsa8835sa6145pwcd9335_firmwaresa4150p_firmwareqca6174asnapdragon_8_gen_1_mobilewcd9341snapdragon_680_4g_mobilesa8195pwcn3980video_collaboration_vc3_platform_firmwareqca6584ausa8195p_firmwarefastconnect_6700_firmwaresa8295pwcd9375_firmwaresa6150pwcn3988_firmwaresa8155pwcd9380qca6574ausa4155p_firmwareqca6696_firmwarevideo_collaboration_vc1_platformsa6145p_firmwaresnapdragon_870_5g_mobile_firmwaresw5100wcn3950_firmwaresnapdragon_888_5g_mobile_firmwarewcd9375video_collaboration_vc3_platformwcn3990qca6436sa6155p_firmwaresnapdragon_auto_5g_modem-rf_gen_2snapdragon_865\+_5g_mobile_firmwaresd865_5gsnapdragon_685_4g_mobile_firmwaresxr2130_firmwarefastconnect_7800video_collaboration_vc1_platform_firmwarewsa8815qca6696sd865_5g_firmwarewcd9370wsa8815_firmwaresnapdragon_8_gen_1_mobile_firmwaresa8145pwcn3988wcd9335fastconnect_6800qca6698aqsa8295p_firmwareqcs6490_firmwarewcn3950snapdragon_888_5g_mobileSnapdragonqca6174a_firmwarewcn3990_firmwareqca6426_firmwaresg4150p_firmwarewcn3980_firmwaresa8150p_firmwareqcs610_firmwaresnapdragon_888\+_5g_mobile_platform_firmwaresw5100p_firmwarewsa8835_firmwarefastconnect_7800_firmwareqca6391_firmwareqca6595_firmwareqca6574au_firmwareqca6698aq_firmwarewcd9341_firmwarewcd9335_firmwaresa8145p_firmwareqam8295p_firmwaresa4150p_firmwaresnapdragon_865\+_5g_firmwareqca6436_firmwarewcd9385_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8830_firmwarequalcomm_video_collaboration_vc1_platform_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresnapdragon_660_mobile_platform_firmwaresa8195p_firmwarefastconnect_6700_firmwarewcd9375_firmwarewcn3988_firmwaresa4155p_firmwareqca6696_firmwaresa6145p_firmwarefastconnect_6800_firmwarewcn3950_firmwareqca6584au_firmwaresa6155p_firmwaresd660_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewcd9380_firmwaresnapdragon_870_5g_mobile_platform_firmwareqca6688aq_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa8155p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresxr2130_firmwareqca6595au_firmwareqcs410_firmwaresd865_5g_firmwaresm6225-ad_firmwarewsa8815_firmwaresw5100_firmwarewcd9370_firmwaresa6150p_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwarefastconnect_6900_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresa8295p_firmwareqcs6490_firmwarewsa8810_firmwareMultiple Chipsets
CWE ID-CWE-416
Use After Free
CVE-2021-34486
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-34.65% / 96.94%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 18:11
Updated-30 Oct, 2025 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-18||Apply updates per vendor instructions.
Windows Event Tracing Elevation of Privilege Vulnerability

Windows Event Tracing Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1909windows_10_21h1windows_server_2004windows_10_1809windows_server_2019windows_10_2004windows_server_20h2windows_10_20h2Windows Server 2019Windows 10 Version 2004Windows 10 Version 1809Windows Server version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 20H2Windows 10 Version 1909Windows Server version 2004Windows
CWE ID-CWE-416
Use After Free
CVE-2024-41160
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.91%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 03:25
Updated-09 Sep, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Liteos-A has an use after free vulnerability

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmonyopenharmony
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 54
  • 55
  • 56
  • ...
  • 63
  • 64
  • Next
Details not found