Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-54207

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-30 Dec, 2025 | 12:11
Updated At-06 Feb, 2026 | 16:30
Rejected At-
Credits

HID: uclogic: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the logic for allocating memory and formatting the input_dev name string.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:30 Dec, 2025 | 12:11
Updated At:06 Feb, 2026 | 16:30
Rejected At:
â–¼CVE Numbering Authority (CNA)
HID: uclogic: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the logic for allocating memory and formatting the input_dev name string.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/hid/hid-uclogic-core.c
Default Status
unaffected
Versions
Affected
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before f78bb490b16ecb506d4904be4b00bf9aad6588f9 (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before 51f49e3927ad545cec0c0afb86856ccacd9f085d (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before f283805d984343b2f216e2f4c6c7af265b9542ae (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before 4c2707dfee5847dc0b5ecfbe512c29c93832fdc4 (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before 58f0d1c0e494a88f301bf455da7df4366f179bbb (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before dd613a4e45f8d35f49a63a2064e5308fa5619e29 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/hid/hid-uclogic-core.c
Default Status
affected
Versions
Affected
  • 4.1
Unaffected
  • From 0 before 4.1 (semver)
  • From 5.10.249 through 5.10.* (semver)
  • From 5.15.199 through 5.15.* (semver)
  • From 6.1.53 through 6.1.* (semver)
  • From 6.4.16 through 6.4.* (semver)
  • From 6.5.3 through 6.5.* (semver)
  • From 6.6 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/f78bb490b16ecb506d4904be4b00bf9aad6588f9
N/A
https://git.kernel.org/stable/c/51f49e3927ad545cec0c0afb86856ccacd9f085d
N/A
https://git.kernel.org/stable/c/f283805d984343b2f216e2f4c6c7af265b9542ae
N/A
https://git.kernel.org/stable/c/4c2707dfee5847dc0b5ecfbe512c29c93832fdc4
N/A
https://git.kernel.org/stable/c/58f0d1c0e494a88f301bf455da7df4366f179bbb
N/A
https://git.kernel.org/stable/c/dd613a4e45f8d35f49a63a2064e5308fa5619e29
N/A
Hyperlink: https://git.kernel.org/stable/c/f78bb490b16ecb506d4904be4b00bf9aad6588f9
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/51f49e3927ad545cec0c0afb86856ccacd9f085d
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/f283805d984343b2f216e2f4c6c7af265b9542ae
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/4c2707dfee5847dc0b5ecfbe512c29c93832fdc4
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/58f0d1c0e494a88f301bf455da7df4366f179bbb
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/dd613a4e45f8d35f49a63a2064e5308fa5619e29
Resource: N/A
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:30 Dec, 2025 | 13:16
Updated At:26 Feb, 2026 | 18:44

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the logic for allocating memory and formatting the input_dev name string.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 4.1(inclusive) to 5.10.249(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.11(inclusive) to 5.15.199(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.16(inclusive) to 6.1.53(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.2(inclusive) to 6.4.16(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.5(inclusive) to 6.5.3(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarynvd@nist.gov
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/4c2707dfee5847dc0b5ecfbe512c29c93832fdc4416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/51f49e3927ad545cec0c0afb86856ccacd9f085d416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/58f0d1c0e494a88f301bf455da7df4366f179bbb416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/dd613a4e45f8d35f49a63a2064e5308fa5619e29416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/f283805d984343b2f216e2f4c6c7af265b9542ae416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/f78bb490b16ecb506d4904be4b00bf9aad6588f9416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Hyperlink: https://git.kernel.org/stable/c/4c2707dfee5847dc0b5ecfbe512c29c93832fdc4
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/51f49e3927ad545cec0c0afb86856ccacd9f085d
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/58f0d1c0e494a88f301bf455da7df4366f179bbb
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/dd613a4e45f8d35f49a63a2064e5308fa5619e29
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/f283805d984343b2f216e2f4c6c7af265b9542ae
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/f78bb490b16ecb506d4904be4b00bf9aad6588f9
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

3188Records found
CVE-2023-23421
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.33% / 55.31%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-01 Jan, 2025 | 00:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_11_21h2windows_10_22h2windows_server_2022windows_10windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2023-22383
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:03
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera

Memory Corruption in camera while installing a fd for a particular DMA buffer.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gsnapdragon_865_5g_mobile_platform_firmwareqcs8155_firmwarec-v2x_9150_firmwaresa6155p_firmwareqam8295p_firmwaresd855qcs610_firmwaresxr2130_firmwarewcd9370wsa8830_firmwareqca6696snapdragon_870_5g_mobile_platform_firmwareqca6436_firmwarewcd9341_firmwaresnapdragon_wear_4100\+_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwarewcn3610_firmwareqca6426snapdragon_855\+\/860_mobile_platform_firmwarefastconnect_6700wcn3610qca6420snapdragon_865\+_5g_mobile_platform_firmwareqcn9074qca6430wsa8815_firmwaresa8195p_firmwarewcd9370_firmwareqca8337_firmwaresdx55_firmwareqca8337qca6426_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660bsxr2130qca6574au_firmwaresa8195pqam8295pwcd9341qca6574ausnapdragon_855_mobile_platformwcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformsnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwarewcn3988qcs6490_firmwaresd855_firmwarewcn3980_firmwarewcn3660b_firmwareqca6436wsa8835qca6391_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformsw5100p_firmwarefastconnect_6800_firmwaresa8295p_firmwareqca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwaresa6150pqcs410sa8155p_firmwarewsa8815wcn3680b_firmwarevideo_collaboration_vc1_platform_firmwaresa8155pwsa8830c-v2x_9150sa6145pqcn9074_firmwaresw5100_firmwaresdx55qsm8250_firmwarefastconnect_6800fastconnect_6900qca6391video_collaboration_vc1_platformwcn3950_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwaresa8295pwcd9380sa6145p_firmwarefastconnect_6200wcn3680bsa8145p_firmwaresnapdragon_xr2_5g_platform_firmwaresd865_5g_firmwaresa8150pqcs8155sa8150p_firmwaresnapdragon_855\+\/860_mobile_platformsnapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwaresa6155pfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_wear_4100\+_platformwsa8835_firmwarewsa8810qcs6490wcn3980snapdragon_865\+_5g_mobile_platformqsm8250fastconnect_6200_firmwaresw5100video_collaboration_vc3_platformaqt1000qcs610Snapdragon
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21724
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.47%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft DWM Core Library Elevation of Privilege Vulnerability

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_11_22h2windows_11_21h2windows_10_22h2windows_10_20h2windows_server_2022Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 20H2
CWE ID-CWE-416
Use After Free
CVE-2023-21822
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.93% / 75.92%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 19:33
Updated-28 Feb, 2025 | 21:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_11_21h2windows_10_22h2windows_server_2022windows_10windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-416
Use After Free
CVE-2023-21773
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.01% / 83.53%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-20971
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.3||HIGH
EPSS-0.01% / 0.62%
||
7 Day CHG~0.00%
Published-09 Jan, 2026 | 06:16
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-androidSamsung Mobile Devices
CWE ID-CWE-416
Use After Free
CVE-2026-20859
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.29%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 17:56
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2025windows_11_25h2windows_11_24h2Windows Server 2025Windows 11 Version 25H2Windows Server 2025 (Server Core installation)Windows 11 Version 24H2
CWE ID-CWE-416
Use After Free
CVE-2026-20871
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.04%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 17:57
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Desktop Window Manager Elevation of Privilege Vulnerability

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_22h2windows_server_2022_23h2windows_server_2025windows_server_2022windows_11_24h2windows_11_23h2windows_11_25h2Windows 11 Version 25H2Windows 10 Version 21H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2022-42332
Matching Score-4
Assigner-Xen Project
ShareView Details
Matching Score-4
Assigner-Xen Project
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.61%
||
7 Day CHG~0.00%
Published-21 Mar, 2023 | 00:00
Updated-13 Feb, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tables as well as auxiliary data structures. To migrate or snapshot guests, Xen additionally runs them in so called log-dirty mode. The data structures needed by the log-dirty tracking are part of aformentioned auxiliary data. In order to keep error handling efforts within reasonable bounds, for operations which may require memory allocations shadow mode logic ensures up front that enough memory is available for the worst case requirements. Unfortunately, while page table memory is properly accounted for on the code path requiring the potential establishing of new shadows, demands by the log-dirty infrastructure were not taken into consideration. As a result, just established shadow page tables could be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated.

Action-Not Available
Vendor-Debian GNU/LinuxXen ProjectFedora Project
Product-xendebian_linuxfedoraxen
CWE ID-CWE-416
Use After Free
CVE-2026-20920
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.29%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 17:56
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_11_23h2windows_server_2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows 11 version 22H3Windows Server 2022
CWE ID-CWE-416
Use After Free
CVE-2026-20870
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.29%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 17:56
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2025windows_11_25h2windows_11_24h2Windows Server 2025Windows 11 Version 25H2Windows Server 2025 (Server Core installation)Windows 11 Version 24H2
CWE ID-CWE-416
Use After Free
CVE-2026-20411
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.00% / 0.06%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 08:15
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5737.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8365mt8793mt6895mt6897mt8195mt8390mt6989androidmt6881mt8395mt6991mt8188mt6983mt6993mt6878mt8666mt8370mt6985mt8168mt6886mt8673mt8676mt6879mt8667mt6899MT6878, MT6879, MT6881, MT6886, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT6993, MT8168, MT8188, MT8195, MT8365, MT8370, MT8390, MT8395, MT8666, MT8667, MT8673, MT8676, MT8793
CWE ID-CWE-416
Use After Free
CVE-2023-21756
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.50%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32k Elevation of Privilege Vulnerability

Windows Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2016-1573
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-4.8||MEDIUM
EPSS-0.09% / 24.89%
||
7 Day CHG~0.00%
Published-22 Apr, 2019 | 15:35
Updated-16 Sep, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Using a specially crafted fallback art property, scopes can execute arbitrary QML code in context of unity8-dash

Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.

Action-Not Available
Vendor-ubportsUbuntu
Product-unity8Unity8
CWE ID-CWE-416
Use After Free
CVE-2023-22436
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.37%
||
7 Day CHG~0.00%
Published-10 Mar, 2023 | 10:44
Updated-04 Mar, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The kernel subsystem function check_permission_for_set_tokenid has an UAF vulnerability.

The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-416
Use After Free
CVE-2024-47892
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-13 Dec, 2024 | 17:35
Updated-16 Dec, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - UAF of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA)

Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-49074
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.82%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2019windows_10_22h2Windows 10 Version 22H2Windows 10 Version 1809Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 21H2
CWE ID-CWE-416
Use After Free
CVE-2021-40449
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-91.30% / 99.65%
||
7 Day CHG~0.00%
Published-13 Oct, 2021 | 00:26
Updated-30 Oct, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-01||Apply updates per vendor instructions.
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_11_21h2windows_server_2012windows_11windows_server_2022windows_rt_8.1windows_8.1windows_10_2004windows_server_20h2windows_10_1507windows_10_1909windows_server_2008windows_10_21h1windows_server_2004windows_10_1607windows_10_1809windows_server_2019windows_10_20h2windows_server_2016Windows 11 version 21H2Windows 10 Version 2004Windows Server 2016 (Server Core installation)Windows Server 2012Windows 8.1Windows Server 2008 Service Pack 2Windows Server 2019 (Server Core installation)Windows 7Windows 10 Version 21H1Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1909Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows Server 2008 Service Pack 2Windows 7 Service Pack 1Windows Server 2012 R2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 10 Version 20H2Windows Server 2008 R2 Service Pack 1Windows Server 2016Windows Server version 20H2Windows Server version 2004Windows
CWE ID-CWE-416
Use After Free
CVE-2024-47899
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.30%
||
7 Day CHG~0.00%
Published-31 Jan, 2025 | 03:17
Updated-18 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - PVRSRVDeviceServicesOpen use-after-free condition

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CVE-2024-47898
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.30%
||
7 Day CHG~0.00%
Published-31 Jan, 2025 | 03:14
Updated-20 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - PVRSRVDeviceSyncOpen use-after-free condition

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CVE-2024-47891
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.17%
||
7 Day CHG~0.00%
Published-31 Jan, 2025 | 03:11
Updated-18 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - Exploitable double free on PTL_STREAM_DESC object in the kernel function TLServerCloseStreamKM due to a race condition

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CVE-2023-21747
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.41% / 61.22%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2020-12303
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.84%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_and_manageability_enginetrusted_execution_technologyIntel(R) CSME, Intel(R) TXE
CWE ID-CWE-416
Use After Free
CVE-2024-46973
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.70%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 04:56
Updated-28 Dec, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Exploitable kernel use-after-free on psServerMMUContext due to reference count mismanagement

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CVE-2024-47033
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.4||HIGH
EPSS-0.03% / 10.06%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In lwis_allocator_free of lwis_allocator.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-416
Use After Free
CVE-2024-45566
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:31
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Driver

Memory corruption during concurrent buffer access due to modification of the reference count.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresd865_5g_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewsa8835wsa8810snapdragon_xr2_5g_firmwaresnapdragon_865\+_5g_mobileqca6426sdm429w_firmwarewsa8830wsa8835_firmwaresnapdragon_8_gen_1_mobile_firmwarewsa8815_firmwaresnapdragon_865_5g_mobilesd865_5gsnapdragon_x55_5g_modem-rf_system_firmwaresxr2130wcn3620_firmwarewsa8810_firmwarefastconnect_6800qca6426_firmwareqca6391snapdragon_870_5g_mobilewcn3620snapdragon_x55_5g_modem-rf_systemwsa8830_firmwarewcd9380snapdragon_865_5g_mobile_firmwarefastconnect_6800_firmwaresnapdragon_429_mobilewsa8815qca6436_firmwareqca6436snapdragon_xr2_5gfastconnect_6900sdm429wsnapdragon_865\+_5g_mobile_firmwarefastconnect_6900_firmwaresnapdragon_8_gen_1_mobilesnapdragon_870_5g_mobile_firmwarefastconnect_7800wcn3660b_firmwaresxr2130_firmwareqca6391_firmwarewcn3660bSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45567
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Driver

Memory corruption while encoding JPEG format.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewcn3620_firmwarewcd9385wsa8835sxr2230p_firmwarewcn3660bwcd9385_firmwaresxr2230pwcn3620sdm429w_firmwarewsa8830wsa8830_firmwarewsa8835_firmwaresxr2250p_firmwarewcd9380snapdragon_8_gen_1_mobile_firmwaresnapdragon_429_mobilefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilewsa8832_firmwarewsa8832wcn3660b_firmwarefastconnect_7800sxr2250pSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45562
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:31
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption during concurrent access to server info object due to unprotected critical field.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6678aq_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsdm429w_firmwaresw5100pqcs610_firmwarewcd9335sxr2130_firmwarewcd9370qca6678aqqca6696wcd9340_firmwaresa8530pwcd9341_firmwareqca6320sa4150p_firmwareqca6426qca6564auqcn9074sa4150pwsa8815_firmwaresa8195p_firmwareqca6426_firmwareqca9377_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausnapdragon_820_automotivesnapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwaresnapdragon_870_5g_mobile_firmwaresa9000p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3660b_firmwaresnapdragon_820_automotive_firmwarefastconnect_6800_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesd835_firmwaresa4155p_firmwarevideo_collaboration_vc1_platform_firmwaresa4155pc-v2x_9150qca6320_firmwaresnapdragon_xr2_5g_firmwaresw5100_firmwaresa8540pqca6310_firmwareqsm8250_firmwarefastconnect_6800fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsnapdragon_865_5g_mobile_firmwarewcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqca6310wcd9380sa6145p_firmwaresnapdragon_xr2_5gsnapdragon_8_gen_1_mobile_firmwaresa8150pmsm8996au_firmwaresa6155pqca6564au_firmwaresnapdragon_429_mobile_firmwarewsa8810qsm8250sa9000psw5100snapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformqca6595ausnapdragon_888_5g_mobilec-v2x_9150_firmwaresa6155p_firmwareqca6688aqqam8295p_firmwaresd835wcn3990_firmwareqca6564a_firmwareqca6436_firmwareqca6698aq_firmwaresnapdragon_888\+_5g_mobilewcd9385mdm9650_firmwaresnapdragon_8_gen_1_mobileqca9367_firmwaresnapdragon_865\+_5g_mobilewcd9370_firmwaremdm9650qca9367sdx55_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asxr2130wcn3620_firmwareqca6174asa8195pwcd9340snapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwaresa8540p_firmwaresnapdragon_835_mobile_pc_firmwarewcn3988sdm429wwcd9335_firmwarewcn3980_firmwareqca6436wsa8835qca6595au_firmwareqca6391_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwarewsa8815qca6564asa8155pwsa8830qca9377sa6145pqcn9074_firmwareqca6574a_firmwaresdx55msm8996ausnapdragon_865_5g_mobilewcn3620snapdragon_835_mobile_pcqca6391snapdragon_865\+_5g_mobile_firmwaresnapdragon_429_mobileqca6698aqwcn3950_firmwaresa8530p_firmwaresa8295pfastconnect_7800sa8145p_firmwarewcn3680bsd865_5g_firmwareqca6688aq_firmwaresa8150p_firmwarewcn3988_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990wsa8835_firmwarewcn3980wsa8830_firmwarewcn3680b_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45561
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Windows WLAN Host

Memory corruption while handling IOCTL call from user-space to set latency level.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840sdm429wsc8380xp_firmwarewsa8845h_firmwareqca6420wcn3620_firmwarewsa8845wcd9380_firmwareqca6391_firmwaresc8180x-ad_firmwareqca6391wcn3660bsdm429w_firmwareqca6430wsa8845_firmwarewcd9340_firmwaresc8180x-acafsnapdragon_429_mobile_firmwarewsa8835wsa8845haqt1000_firmwarefastconnect_7800wcd9341_firmwareqcc2076_firmwarewcd9340wcd9341sc8180x-aaab_firmwareqcc2076fastconnect_6900fastconnect_6800snapdragon_7c\+_gen_3_computesnapdragon_429_mobilefastconnect_6700qcc2073snapdragon_7c\+_gen_3_compute_firmwarewsa8810_firmwarewcd9385_firmwarewsa8810fastconnect_6700_firmwaresc8180x-adqcc2073_firmwaresc8280xp-abbb_firmwaresc8180x-aaabqca6420_firmwarewsa8815fastconnect_6200_firmwareqca6430_firmwarewcd9380wsa8830wsa8815_firmwarefastconnect_6200wsa8830_firmwarewcn3620fastconnect_6900_firmwaresc8180x-acaf_firmwaresc8380xpaqt1000fastconnect_6800_firmwarewcd9385wsa8840_firmwarewcn3660b_firmwarewsa8835_firmwaresc8280xp-abbbSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-416
Use After Free
CVE-2024-45553
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.05%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 10:33
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Services

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresw5100pwcn6650qca6595wcd9370qca8081_firmwareqca6696qam8620p_firmwarewcd9340_firmwarewcd9395_firmwarewcn7881_firmwarewcn6450qcc710_firmwaresnapdragon_8\+_gen_1_mobilefastconnect_6700snapdragon_685_4g_mobilewsa8832_firmwareqca8337qdu1110wcd9395qca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pqca6574auwcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hsa8770pssg2115pqcc710fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqru1032_firmwareqep8111sa7255psm8635qfw7114wcd9385_firmwareqam8255p_firmwareqcs4490snapdragon_680_4g_mobilewsa8845sa6155pwsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwareqca6595ausxr2250p_firmwareqdu1010snapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresnapdragon_4_gen_2_mobile_firmwaresnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresm8635psnapdragon_460_mobilesnapdragon_8_gen_2_mobilewcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobilesnapdragon_x72_5g_modem-rf_firmwareqca6174asa8195pwcd9340qcs8250_firmwareqdu1210talynplussnapdragon_auto_5g_modem-rf_gen_2sm8550p_firmwaresxr2250pwcn3988snapdragon_662_mobilesa8775pqca6574sxr2230p_firmwaresa8775p_firmwareqamsrv1hwsa8845hsa8155p_firmwaresa8155pwsa8830sm8550psm7675_firmwaresa8255p_firmwarear8035qamsrv1m_firmwaresm7635_firmwaresnapdragon_4_gen_2_mobilesa8650p_firmwarewcn6450_firmwareqcm4325srv1l_firmwareqcn6224qca6698aqwcn3950_firmwaresa7775p_firmwaresm7635qrb5165nssg2125p_firmwaresnapdragon_480\+_5g_mobilefastconnect_6200wcd9378snapdragon_480_5g_mobile_firmwaresm8635p_firmwareqdx1011fastconnect_6700_firmwaresnapdragon_x75_5g_modem-rf_firmwaresnapdragon_8_gen_3_mobileqcs8250snapdragon_695_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqcn6224_firmwarewsa8845_firmwarewsa8832wcd9378_firmwaresnapdragon_480_5g_mobilesrv1lsm7675psrv1msnapdragon_x35_5g_modem-rfar8035_firmwaresm4635wsa8815_firmwaresa8195p_firmwareqca8337_firmwaresm4635_firmwareqcm4490_firmwareqru1032wcn3950flight_rb5_5gqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwaresa8295p_firmwareqca6584auqcn6274_firmwarewcn6755_firmwareqru1062_firmwaresw5100_firmwarewcn6650_firmwareqru1062snapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pwcn6755sxr1230psm6650wcn7881sw5100snapdragon_4_gen_1_mobile_firmwareqca6688aqqam8295p_firmwareqca6698aq_firmwarewcd9385snapdragon_8_gen_1_mobilesnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqep8111_firmwareqdx1011_firmwareflight_rb5_5g_firmwaressg2125pqru1052qcm4490snapdragon_480\+_5g_mobile_firmwareqamsrv1mrobotics_rb5qca6174a_firmwarewcn7861_firmwarewcn7861qam8650p_firmwarevideo_collaboration_vc5_platformsm6650_firmwareqam8620pqca6584au_firmwareqcn6274qrb5165n_firmwareqfw7124wsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815sg4150psd_8_gen1_5gqam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresnapdragon_x75_5g_modem-rfqcm4325_firmwaresa8620pqca6574a_firmwaresnapdragon_4_gen_1_mobilesd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresg4150p_firmwareqru1052_firmwaresa8770p_firmwaresa8295pqcs8550fastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqca6688aq_firmwarewcd9375snapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresm7675snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwaressg2115p_firmwaresm7675p_firmwareqdx1010snapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2026-21251
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.85%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 17:51
Updated-27 Feb, 2026 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cluster Client Failover (CCF) Elevation of Privilege Vulnerability

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2022windows_server_2025windows_server_2022_23h2windows_server_2019Windows Server 2019 (Server Core installation)Windows Server 2019Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-45571
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in WLAN Host Communication

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareipq6000_firmwareqcm6490_firmwareqcn6224_firmwareipq8076acsr8811_firmwareqca6574au_firmwareqcn6132_firmwareqam8775psa8195pqcs615qca6584ausnapdragon_x65_5g_modem-rf_firmwareqca9889_firmwareqcn5152sxr2230pipq6028qcn5022_firmwareqcc710_firmwaresxr2230p_firmwaresm7635_firmwareipq9574_firmwareqca6574ipq9048qcn5164_firmwareipq8070aqxm8083qcm8550qca6698aq_firmwareqcf8000_firmwareqcn5024_firmwareqca9888immersive_home_216qca8075qcn5122_firmwareqcn6412qcn9100ipq8173ipq8071aqcn6402qcf8001ipq8174_firmwareqcn5164qca8082_firmwaresnapdragon_8_gen_3_mobile_firmwareqam8255p_firmwarewcd9375ipq9570_firmwaresm6650qca8085sa6155pvideo_collaboration_vc3_platformqcn5052ipq5010_firmwareipq5028qcn5052_firmwarewsa8830_firmwareqca8081qcn9022immersive_home_316_firmwaresdx65m_firmwarewcd9385wsa8840_firmwareipq6028_firmwareqfw7124_firmwaresxr2250p_firmwarewsa8840qcn6402_firmwareipq8078a_firmwareqfw7124ipq6000qca6696immersive_home_3210_firmwareqca4024qca6595ipq9048_firmwareqca8337sa8155p_firmwareipq8071a_firmwareqam8650pqca8337_firmwareqcn9012ipq9570qcs8300sxr2330pqcf8000sfp_firmwareqcn9012_firmwareqcs5430_firmwareqcn9070_firmwareqcf8000qam8775p_firmwareqcn5154_firmwaresm8635p_firmwareipq8074aqcm5430qcs9100wcd9378sm7675_firmwareqca8085_firmwaresm8750pwsa8835sm8750p_firmwareqcn9024qca8081_firmwareqcn9074qca6797aq_firmwarefastconnect_7800wcd9340ipq8174qcn6112_firmwarewcd9378_firmwareqca6574auqca8084_firmwareqcn9024_firmwaresm6650_firmwareqca6584au_firmwareqca6777aqfastconnect_6700immersive_home_326qca6696_firmwaresnapdragon_x72_5g_modem-rf_firmwareqcs9100_firmwarewsa8832fastconnect_6700_firmwareipq5302wcd9390_firmwareqcn6274qcs615_firmwaresm8635immersive_home_216_firmwareipq5028_firmwareqca6554a_firmwareipq5332qca8082sm8635_firmwareqca6787aqipq6018_firmwareipq8072a_firmwareqcn9000_firmwareipq5300_firmwareqca6574a_firmwareqcf8000sfpqcn6023sdx55_firmwareqca9888_firmwareqca8075_firmwaresm8750_firmwareqxm8083_firmwareipq5332_firmwareipq6010ipq8078_firmwareqca6554aqca9889qcn5124ipq8070a_firmwareipq9554_firmwareqcs8300_firmwareqcs6490qcn6432_firmwaresxr2330p_firmwarewsa8835_firmwareqca8386_firmwarewcn7860qcs5430qca6787aq_firmwareqcn9074_firmwarewcn7881_firmwareqcn9100_firmwareqcs8550_firmwaresdx65mqcm6490ipq5312wcn7881qcn5154ipq9554qcn6274_firmwaresm8750snapdragon_x65_5g_modem-rfqca8084qcn9274_firmwarecsr8811qcn9000wcn6650ipq8173_firmwarewsa8845_firmwareqcn6412_firmwarevideo_collaboration_vc3_platform_firmwareqca6574_firmwareqcm8550_firmwarewcn6755_firmwarear8035wsa8845hipq9008_firmwaresa6155p_firmwarewcn6450_firmwareqcn6122_firmwareqcn6112wcn7880_firmwareipq9008wcd9395_firmwareqcn5122sm7635fastconnect_6900ipq9574qca6574aqcn9160qcn6432wcd9375_firmwarewcd9385_firmwareqam8650p_firmwareqcn9274qcn6422immersive_home_318_firmwareipq8078aqcn5152_firmwareqca6595_firmwaresdx55immersive_home_214snapdragon_x75_5g_modem-rf_firmwarewcd9380ipq5302_firmwareimmersive_home_326_firmwaresa8155pwcn7861_firmwarewsa8832_firmwareimmersive_home_214_firmwarewcn6755qca6564auimmersive_home_318qca6595au_firmwareqcs6490_firmwareipq8072aqcn6224qca6595auqam8255pipq5010ar8035_firmwaresa8195p_firmwaresm7675wsa8845h_firmwareimmersive_home_3210wsa8845wcn6650_firmwarewcd9380_firmwarewcn6450qcn5124_firmwaresm8635pipq8076wcd9370wcd9340_firmwareimmersive_home_316qca8386qca6678aqsnapdragon_x75_5g_modem-rfqca6564au_firmwareqcn6122qcn6132wcn7880qcn6024qca6797aqqca4024_firmwaresm7675pqcn5022qcs8550sxr2250pqcm5430_firmwareqcn5024sm7675p_firmwareipq6010_firmwareqcn6422_firmwareqcn6024_firmwareipq6018ipq8078ipq5300ipq8076_firmwareqcc710ipq5312_firmwareqcf8001_firmwaresnapdragon_8_gen_3_mobilesnapdragon_x72_5g_modem-rfqcn9160_firmwarewcn7861ipq8074a_firmwarewsa8830qcn6023_firmwarewcn7860_firmwareqca6777aq_firmwareqcn9070qca6678aq_firmwareqca6698aqfastconnect_6900_firmwareqcn9022_firmwareqcn9072_firmwareipq8076a_firmwareqfw7114wcd9390wcd9395qfw7114_firmwareqcn9072wcd9370_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-4610
Matching Score-4
Assigner-Arm Limited
ShareView Details
Matching Score-4
Assigner-Arm Limited
CVSS Score-7.4||HIGH
EPSS-0.76% / 73.15%
||
7 Day CHG~0.00%
Published-07 Jun, 2024 | 11:25
Updated-23 Oct, 2025 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-07-03||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

Action-Not Available
Vendor-Arm Limited
Product-valhall_gpu_kernel_driverbifrost_gpu_kernel_driverBifrost GPU Kernel DriverValhall GPU Kernel Drivervalhall_gpu_kernel_driverbifrost_gpu_kernel_driverMali GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2024-45554
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.87%
||
7 Day CHG+0.03%
Published-06 May, 2025 | 08:31
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwaresnapdragon_888\+_5g_mobilewsa8835sw5100psnapdragon_888\+_5g_mobile_firmwarewcd9385_firmwarewcn3988_firmwaresdm429w_firmwarewsa8830wsa8835_firmwaresnapdragon_8_gen_1_mobile_firmwarewcn3980_firmwarewcn3980snapdragon_888_5g_mobile_firmwareqca6174asw5100_firmwarewsa8832_firmwaresw5100sxr2250pwcn3620_firmwarewcd9385sxr2230p_firmwaresxr2230pwcn3620wcn3988qca6174a_firmwaresxr2250p_firmwarewcd9380wsa8830_firmwaresnapdragon_429_mobilesw5100p_firmwarefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilesnapdragon_888_5g_mobilewsa8832wcn3660b_firmwarefastconnect_7800wcn3660bSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45583
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Secure Processor

Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8_gen_3_mobilesnapdragon_8_gen_3_mobile_firmwarewcd9390_firmwarefastconnect_7800_firmwarewcd9395wsa8840wsa8845hwsa8845_firmwarewsa8840_firmwarewsa8845wcd9395_firmwarewsa8845h_firmwarewcd9390fastconnect_7800Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-4607
Matching Score-4
Assigner-Arm Limited
ShareView Details
Matching Score-4
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.17% / 37.72%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 11:33
Updated-30 Sep, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverBifrost GPU Kernel DriverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_driverarm_5th_gen_gpu_architecture_kernel_driver
CWE ID-CWE-416
Use After Free
CVE-2024-45580
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45564
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:31
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption during concurrent access to server info object due to incorrect reference count update.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewcd9341qam8295pqca6696_firmwaresnapdragon_888\+_5g_mobilesw5100pqca6678aqwcd9385_firmwarewcn3988_firmwaresnapdragon_865\+_5g_mobileqca6426sa9000pwsa8835_firmwareqca6678aq_firmwareqam8295p_firmwareqcs610snapdragon_w5\+_gen_1_wearable_firmwareqca6698aq_firmwarewcn3980qca6696sa8540p_firmwarec-v2x_9150_firmwaresnapdragon_888_5g_mobile_firmwareqca6174aqcs410sa6150p_firmwarewcn3620_firmwarewcd9385sa8530pqca6391sa8295pqca6688aq_firmwareqca9377qca6391_firmwareqca6174a_firmwaresnapdragon_x55_5g_modem-rf_systemwcn3620snapdragon_865_5g_mobile_firmwarefastconnect_6800_firmwaresa6155p_firmwaresnapdragon_429_mobilesa8195p_firmwaresw5100p_firmwaresnapdragon_xr2_5gqca6574au_firmwarewcd9370_firmwaresa8155p_firmwarefastconnect_6900sdm429wsnapdragon_865\+_5g_mobile_firmwarec-v2x_9150snapdragon_8_gen_1_mobileqca6595ausnapdragon_870_5g_mobile_firmwaresa8145p_firmwarewcn3680bqca6698aqsnapdragon_888_5g_mobilesa8150psxr2130_firmwarewcn3660bwsa8810wcd9380_firmwaresd865_5g_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_429_mobile_firmwarevideo_collaboration_vc1_platform_firmwarewcd9341_firmwarewsa8835snapdragon_888\+_5g_mobile_firmwareqcn9074_firmwaresnapdragon_xr2_5g_firmwarewcd9370sdm429w_firmwarewsa8830sa9000p_firmwareqca6574auvideo_collaboration_vc3_platformsa6145psa8195psa6150psnapdragon_8_gen_1_mobile_firmwarewsa8815_firmwaresnapdragon_865_5g_mobileqca6595au_firmwareqca9367wcn3980_firmwarewcn3950_firmwaresa8530p_firmwaresa8540psa8295p_firmwaresd865_5gsw5100_firmwarevideo_collaboration_vc3_platform_firmwaresw5100qca6688aqqca9377_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresxr2130wsa8810_firmwarefastconnect_6800qca6426_firmwaresa8150p_firmwareqca9367_firmwaresnapdragon_870_5g_mobilewcn3950wcn3988wcn3680b_firmwarewsa8830_firmwarewcd9380wsa8815qcs610_firmwareqca6436_firmwareqca6436sa6155psa8155psnapdragon_auto_5g_modem-rf_gen_2sa8145pvideo_collaboration_vc1_platformfastconnect_6900_firmwaresa6145p_firmwareqcn9074wcn3660b_firmwarefastconnect_7800qcs410_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-44285
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-8.4||HIGH
EPSS-1.01% / 76.95%
||
7 Day CHG~0.00%
Published-28 Oct, 2024 | 21:08
Updated-03 Nov, 2025 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory.

Action-Not Available
Vendor-Apple Inc.
Product-tvoswatchosipadosvisionosiphone_oswatchOStvOSvisionOSiOS and iPadOStvoswatchosipadosvisionosiphone_os
CWE ID-CWE-416
Use After Free
CVE-2021-0929
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.21%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:05
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-187527909References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2024-43061
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 12:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43556
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.63% / 70.00%
||
7 Day CHG+0.12%
Published-08 Oct, 2024 | 17:36
Updated-30 Oct, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_server_2012windows_server_2008windows_10_21h2windows_11_23h2windows_11_24h2windows_server_2022windows_10_1607windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2019windows_11_21h2windows_server_2016Windows Server 2022Windows 11 Version 24H2Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 11 Version 23H2Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-43062
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 12:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Linux

Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2023-21755
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.71% / 82.11%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 21H2Windows 11 version 22H2Windows 10 Version 1809Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 20H2
CWE ID-CWE-416
Use After Free
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-43509
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.63% / 70.00%
||
7 Day CHG+0.12%
Published-08 Oct, 2024 | 17:35
Updated-08 Jul, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 11 Version 24H2Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 11 Version 23H2Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2023-21255
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.08% / 22.75%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 23:33
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Debian GNU/LinuxGoogle LLC
Product-androiddebian_linuxAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-43059
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 13:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Multimedia

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43047
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-1.75% / 82.33%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:59
Updated-28 Oct, 2025 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-10-29||Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Use After Free in DSP Service

Memory corruption while maintaining memory maps of HLOS memory.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_auto_5g_modem-rfwcn3990_firmwareqca6426_firmwareqcs6490sg4150p_firmwaresnapdragon_865_5g_mobile_firmwaresnapdragon_xr2_5g_firmwaresa8150p_firmwaresnapdragon_660_mobile_firmwarewcd9385sw5100p_firmwaresnapdragon_865_5g_mobilewsa8835_firmwaresnapdragon_680_4g_mobile_firmwarefastconnect_7800_firmwareqca6391_firmwareqca6698aq_firmwarewcd9341_firmwareqca6391sa4150pqca6595sa8145p_firmwaresd660fastconnect_6900qam8295p_firmwarefastconnect_6700qca6436_firmwareqam8295pwsa8830wcd9385_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8830_firmwareqca6688aqsnapdragon_870_5g_mobilesg4150pqcs410snapdragon_x55_5g_modem-rf_firmwarefastconnect_6800_firmwaresnapdragon_xr2_5gqca6584au_firmwaresd660_firmwarewcd9380_firmwareqca6688aq_firmwaresnapdragon_888\+_5g_mobilesnapdragon_auto_5g_modem-rf_firmwaresa8155p_firmwareqca6595au_firmwaresa6155pqca6595auqcs410_firmwaresnapdragon_865\+_5g_mobileqca6426sw5100_firmwareqcs610wcd9370_firmwaresa6150p_firmwaresnapdragon_x55_5g_modem-rffastconnect_6900_firmwaresxr2130sw5100pwsa8810_firmwaresa8150psa4155pqca6174a_firmwaresnapdragon_660_mobilewcn3980_firmwaresnapdragon_685_4g_mobilesnapdragon_888\+_5g_mobile_firmwareqcs610_firmwarewsa8810qca6595_firmwareqca6574au_firmwarewsa8835sa6145pwcd9335_firmwaresa4150p_firmwareqca6174asnapdragon_8_gen_1_mobilewcd9341snapdragon_680_4g_mobilesa8195pwcn3980video_collaboration_vc3_platform_firmwareqca6584ausa8195p_firmwarefastconnect_6700_firmwaresa8295pwcd9375_firmwaresa6150pwcn3988_firmwaresa8155pwcd9380qca6574ausa4155p_firmwareqca6696_firmwarevideo_collaboration_vc1_platformsa6145p_firmwaresnapdragon_870_5g_mobile_firmwaresw5100wcn3950_firmwaresnapdragon_888_5g_mobile_firmwarewcd9375video_collaboration_vc3_platformwcn3990qca6436sa6155p_firmwaresnapdragon_auto_5g_modem-rf_gen_2snapdragon_865\+_5g_mobile_firmwaresd865_5gsnapdragon_685_4g_mobile_firmwaresxr2130_firmwarefastconnect_7800video_collaboration_vc1_platform_firmwarewsa8815qca6696sd865_5g_firmwarewcd9370wsa8815_firmwaresnapdragon_8_gen_1_mobile_firmwaresa8145pwcn3988wcd9335fastconnect_6800qca6698aqsa8295p_firmwareqcs6490_firmwarewcn3950snapdragon_888_5g_mobileSnapdragonqca6174a_firmwarewcn3990_firmwareqca6426_firmwaresg4150p_firmwarewcn3980_firmwaresa8150p_firmwareqcs610_firmwaresnapdragon_888\+_5g_mobile_platform_firmwaresw5100p_firmwarewsa8835_firmwarefastconnect_7800_firmwareqca6391_firmwareqca6595_firmwareqca6574au_firmwareqca6698aq_firmwarewcd9341_firmwarewcd9335_firmwaresa8145p_firmwareqam8295p_firmwaresa4150p_firmwaresnapdragon_865\+_5g_firmwareqca6436_firmwarewcd9385_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8830_firmwarequalcomm_video_collaboration_vc1_platform_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresnapdragon_660_mobile_platform_firmwaresa8195p_firmwarefastconnect_6700_firmwarewcd9375_firmwarewcn3988_firmwaresa4155p_firmwareqca6696_firmwaresa6145p_firmwarefastconnect_6800_firmwarewcn3950_firmwareqca6584au_firmwaresa6155p_firmwaresd660_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewcd9380_firmwaresnapdragon_870_5g_mobile_platform_firmwareqca6688aq_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa8155p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresxr2130_firmwareqca6595au_firmwareqcs410_firmwaresd865_5g_firmwaresm6225-ad_firmwarewsa8815_firmwaresw5100_firmwarewcd9370_firmwaresa6150p_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwarefastconnect_6900_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresa8295p_firmwareqcs6490_firmwarewsa8810_firmwareMultiple Chipsets
CWE ID-CWE-416
Use After Free
CVE-2021-34486
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-34.65% / 96.94%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 18:11
Updated-30 Oct, 2025 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-18||Apply updates per vendor instructions.
Windows Event Tracing Elevation of Privilege Vulnerability

Windows Event Tracing Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1909windows_10_21h1windows_server_2004windows_10_1809windows_server_2019windows_10_2004windows_server_20h2windows_10_20h2Windows Server 2019Windows 10 Version 2004Windows 10 Version 1809Windows Server version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 20H2Windows 10 Version 1909Windows Server version 2004Windows
CWE ID-CWE-416
Use After Free
CVE-2024-41160
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.91%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 03:25
Updated-09 Sep, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Liteos-A has an use after free vulnerability

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmonyopenharmony
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 54
  • 55
  • 56
  • ...
  • 63
  • 64
  • Next
Details not found