Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-54207

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-30 Dec, 2025 | 12:11
Updated At-06 Feb, 2026 | 16:30
Rejected At-
Credits

HID: uclogic: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the logic for allocating memory and formatting the input_dev name string.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:30 Dec, 2025 | 12:11
Updated At:06 Feb, 2026 | 16:30
Rejected At:
â–¼CVE Numbering Authority (CNA)
HID: uclogic: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the logic for allocating memory and formatting the input_dev name string.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/hid/hid-uclogic-core.c
Default Status
unaffected
Versions
Affected
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before f78bb490b16ecb506d4904be4b00bf9aad6588f9 (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before 51f49e3927ad545cec0c0afb86856ccacd9f085d (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before f283805d984343b2f216e2f4c6c7af265b9542ae (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before 4c2707dfee5847dc0b5ecfbe512c29c93832fdc4 (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before 58f0d1c0e494a88f301bf455da7df4366f179bbb (git)
  • From cce2dbdf258e6b27b2b100f511531edabb77f427 before dd613a4e45f8d35f49a63a2064e5308fa5619e29 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/hid/hid-uclogic-core.c
Default Status
affected
Versions
Affected
  • 4.1
Unaffected
  • From 0 before 4.1 (semver)
  • From 5.10.249 through 5.10.* (semver)
  • From 5.15.199 through 5.15.* (semver)
  • From 6.1.53 through 6.1.* (semver)
  • From 6.4.16 through 6.4.* (semver)
  • From 6.5.3 through 6.5.* (semver)
  • From 6.6 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/f78bb490b16ecb506d4904be4b00bf9aad6588f9
N/A
https://git.kernel.org/stable/c/51f49e3927ad545cec0c0afb86856ccacd9f085d
N/A
https://git.kernel.org/stable/c/f283805d984343b2f216e2f4c6c7af265b9542ae
N/A
https://git.kernel.org/stable/c/4c2707dfee5847dc0b5ecfbe512c29c93832fdc4
N/A
https://git.kernel.org/stable/c/58f0d1c0e494a88f301bf455da7df4366f179bbb
N/A
https://git.kernel.org/stable/c/dd613a4e45f8d35f49a63a2064e5308fa5619e29
N/A
Hyperlink: https://git.kernel.org/stable/c/f78bb490b16ecb506d4904be4b00bf9aad6588f9
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/51f49e3927ad545cec0c0afb86856ccacd9f085d
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/f283805d984343b2f216e2f4c6c7af265b9542ae
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/4c2707dfee5847dc0b5ecfbe512c29c93832fdc4
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/58f0d1c0e494a88f301bf455da7df4366f179bbb
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/dd613a4e45f8d35f49a63a2064e5308fa5619e29
Resource: N/A
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:30 Dec, 2025 | 13:16
Updated At:26 Feb, 2026 | 18:44

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the logic for allocating memory and formatting the input_dev name string.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 4.1(inclusive) to 5.10.249(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.11(inclusive) to 5.15.199(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.16(inclusive) to 6.1.53(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.2(inclusive) to 6.4.16(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.5(inclusive) to 6.5.3(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarynvd@nist.gov
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/4c2707dfee5847dc0b5ecfbe512c29c93832fdc4416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/51f49e3927ad545cec0c0afb86856ccacd9f085d416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/58f0d1c0e494a88f301bf455da7df4366f179bbb416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/dd613a4e45f8d35f49a63a2064e5308fa5619e29416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/f283805d984343b2f216e2f4c6c7af265b9542ae416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/f78bb490b16ecb506d4904be4b00bf9aad6588f9416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Hyperlink: https://git.kernel.org/stable/c/4c2707dfee5847dc0b5ecfbe512c29c93832fdc4
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/51f49e3927ad545cec0c0afb86856ccacd9f085d
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/58f0d1c0e494a88f301bf455da7df4366f179bbb
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/dd613a4e45f8d35f49a63a2064e5308fa5619e29
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/f283805d984343b2f216e2f4c6c7af265b9542ae
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/f78bb490b16ecb506d4904be4b00bf9aad6588f9
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

3188Records found
CVE-2021-39620
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.80%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:10
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-203847542

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-39698
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.48%
||
7 Day CHG~0.00%
Published-16 Mar, 2022 | 14:04
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-185125206References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-39674
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.80%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In btm_sec_connected and btm_sec_disconnected of btm_sec.cc file , there is a possible use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-201083442

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-39634
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.78%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:11
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-39681
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.21%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:11
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In delete_protocol of main.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-200251074References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-39801
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.48%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 16:11
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ion_ioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-209791720References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-667
Improper Locking
CVE-2025-26679
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.69% / 71.64%
||
7 Day CHG-0.04%
Published-08 Apr, 2025 | 17:23
Updated-13 Feb, 2026 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_11_24h2windows_11_23h2windows_server_2019windows_server_2022windows_10_22h2windows_server_2016windows_server_2025windows_11_22h2windows_server_2022_23h2windows_10_1507windows_10_1809windows_10_1607windows_server_2012windows_10_21h2Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2022-20540
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.72%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-18 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-237291506

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2022-20566
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.85%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-21 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-667
Improper Locking
CVE-2022-20045
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.21%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8175mt8167androidmt8385mt8362amt8365mt8183MT8167, MT8175, MT8183, MT8362A, MT8365, MT8385
CWE ID-CWE-416
Use After Free
CVE-2021-1905
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-1.06% / 77.44%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-28 Oct, 2025 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-pm8150msm8996auqbt2000_firmwarewcn3990_firmwareqca6426_firmwareqfe4373fc_firmwaresd710_firmwareqpm6621wsa8835_firmwarepm640l_firmwareqcs605pm7250_firmwarewcd9341_firmwarewcn3660bqat3550_firmwareqtc800t_firmwarepmi8937_firmwaresd8885g_firmwarewsa8830wcd9340apq8009w_firmwarepmi632_firmwareqat3514pm855_firmwareqet4100_firmwareqdm4650_firmwareqca6564aqpm6621_firmwarepm7150a_firmwareqsw8573wtr6955wcn6856_firmwareqca6420_firmwareqet4101sd632_firmwareqpm6670_firmwaresd888apq8064au_firmwareqpa4361_firmwarepm7150lsmb1396_firmwarepm7250b_firmwarewcd9326_firmwarewcd9380_firmwarepm660l_firmwareqdm2307smr526pm670l_firmwareqdm2310sdr660qca6595ausd662_firmwaresda429wqca6390pm8004smb231pmc1000h_firmwarepm6350sm6250qpa8801_firmwaresmr525sdr425qfe4303_firmwareqtm525qcm6125qat5515_firmwaremsm8996au_firmwareqdm5621qfe2101_firmwarepm8350qpa8802sa6150p_firmwareqat3519_firmwareqcs603wcd9370_firmwarepm8350_firmwarear8151_firmwarepm439qca9377apq8053_firmwareqca4020qtc800spm8009_firmwareqdm5671_firmwarepm8004_firmwarepmw3100_firmwarewcn3620pm8909wcn6850_firmwareqat5516_firmwareqfs2580qet6100_firmwarewcd9360smr525_firmwareqpm6585_firmwarepmi8937pm855a_firmwarewsa8810smr546_firmwareqdm5670_firmwareqpm5620sdr845qpm4641qpa6560_firmwarewtr4905pmm8920ausd8cx_firmwaresd665sdr865_firmwarecsra6620_firmwareqat3516qtc800s_firmwaresdr425_firmwarepmr735bqpm8820_firmwareqca6335qfs2530_firmwareqcm2290_firmwarepmm8920au_firmwareqpa5581_firmwareqca9367_firmwareqca9367qca9377_firmwaresa8195p_firmwareqdm2302sa6150pqpm4650_firmwarepm456sa8155ppm6150a_firmwareqpa5580pmi8952qpm5670pmm6155au_firmwareqca6696_firmwarepm8150lpm8150a_firmwarepm8005qfe4309wcn3950_firmwareqcs2290qpm8830apq8017_firmwarepmm8996auqdm2310_firmwarewcn3998_firmwareqfe3100_firmwaresdx20_firmwarewcn3610qdm2302_firmwaresdr660gsmb1358_firmwarewsa8815pmm6155auqpm5577_firmwareqpa5580_firmwareqet6100wsa8815_firmwareqpa8675sd765_firmwaresdw2500_firmwaresdxr2_5g_firmwarepme605qpa8821_firmwaresdxr2_5gwcd9335smb231_firmwaresm6250pqca6335_firmwarewcn3660pm640p_firmwarepm4125_firmwareqdm5670sd888_firmwaremsm8909w_firmwareqca6421_firmwarewcn3991pm660asd750g_firmwareqca6584auqln5040_firmwarepmx50_firmwaresmb1360_firmwareqsw6310mdm9650qpa8803_firmwareqfe3340_firmwarepm8909_firmwareqdm2301_firmwarepm8150b_firmwaresdr052_firmwarepmk8350_firmwarewcn3615qpm4640qca6420qca6430_firmwarepm6125pm3003a_firmwarepm215_firmwareqpm8830_firmwareqpa8801pm4125qca6391_firmwareqln1030sdr735sd439_firmwareqfs2608csra6640sd678_firmwaremsm8917_firmwarewcn6855_firmwaresd678qcs605_firmwaresd8cxsmb1381qet5100_firmwarewcn3615_firmwarepm855p_firmwaresdr735gapq8009_firmwaresa6155sa2150pwcd9385_firmwareqcm2290qat5516qtm527wtr2965_firmwareqfe4301_firmwarepm8916_firmwaresmb1354_firmwaresdr8150qpm5577sdw3100wtr5975_firmwarewgr7640qca9379qpm2630_firmwareqca6584au_firmwarepmi632sda429w_firmwarepmr525_firmwareqca6421sd210apq8009wsd835_firmwaresmb1395pm6150_firmwarepm8350bpmx20_firmwareqfs2630qca6390_firmwaresd765qca6310_firmwareqca6595au_firmwaresa6155pqcs410_firmwaresmb1350_firmwaresd710qat3518_firmwareqat3550qpa5460apq8053pmr735afsm10056_firmwarepm7250qbt1000qcs610smb1357_firmwareapq8064ausdr660g_firmwaresd636_firmwareqpm6375_firmwarepmm855ausd8655g_firmwarepm855l_firmwareqpm5677_firmwaresmb358spm4250_firmwaresmr546qdm2305_firmwareqet6105_firmwaresa515m_firmwareqbt1500qpa2625_firmwareqat3522_firmwareqfe3340wcn3620_firmwareqfe3100qfs2530sd6905gpmr735a_firmwarewtr2955_firmwarewcn3991_firmwaresdr675qpm5679_firmwaresd835wcn3680b_firmwareqcm4290_firmwareqpa8686qln4640_firmwarepm215sdr845_firmwareqca6564_firmwarepm855psd455_firmwareqet6110qfe2550sdxr1_firmwarepmk8003_firmwareqca6310rsw8577_firmwareqet6105qpa8686_firmwareqpm5621_firmwareqpm5620_firmwaresa6145pwcd9335_firmwareqpa8821qsw6310_firmwaresd8c_firmwarefsm10055_firmwarepm855qca6174aqfs2630_firmwaresmb1398_firmwareqdm2307_firmwaresdx24pm6350_firmwareqdm5677sdr735g_firmwarewcd9340_firmwaresd6905g_firmwareqat5533_firmwareqat5522sd8csa8195ppmk8002_firmwareqpm6375sd750gsdw3100_firmwarewcd9375_firmwarewcd9330qca6564a_firmwareqcs2290_firmwareqdm5620_firmwarepm670a_firmwaresd636wcd9380qbt2000qfe4373fcmdm9628qtm527_firmwarepmk8002qca6436pmm855au_firmwareqcs603_firmwareqpm5621wcn3660_firmwarepm6150sm7250psdx24_firmwarepm8008_firmwareqca8337_firmwarepm8150c_firmwareqpm5658_firmwarewtr3925sdx50mwcd9360_firmwareqpa5461qln5040qca6696qsw8574pm8916qbt1500_firmwareqet4101_firmwaresmb1350smb1380_firmwareqca6574asd460qpm4630qpm8895_firmwareqpm5579qpm6325apq8009sdm830smb1355pm670qdm5679mdm9206_firmwarepm8937_firmwarepm8937sd210_firmwarewcd9371_firmwaresdm630qat5568_firmwareqpm6670wcn3999qpa5373pm8350b_firmwarepm8150awcn3950sd845smb1395_firmwareaqt1000_firmwareqdm5650_firmwareqdm5652pmk8003qdm2308_firmwaremdm9626_firmwareqca6174qpm8870_firmwaresa8150p_firmwarepmx24sd720g_firmwarepm6250wcd9385rgr7640au_firmwaresd870pm8150bwgr7640_firmwaresdxr1wcn3680_firmwarepm6150aqfe4308ar8035_firmwareqca6391qln1030_firmwareqca4020_firmwareqdm2308pmm8195au_firmwaresd765gqca6574qca6431qfs2580_firmwareqpm5658qpm8820wtr5975qca6436_firmwarepm8350csdr675_firmwaresmb358s_firmwareqpm5677qpa6560qpm8895pm8998_firmwareqpa2625qfe2520_firmwaresmb2351wtr2955ar8151qcm6125_firmwareqpa4361sd730qca6430qdm4643_firmwareqpa4340_firmwarepm8250_firmwareqpm5657_firmwareqet5100qsm7250_firmwareqcs405qln4650sd660_firmwarewcn3999_firmwaresdr8150_firmwareqpm5579_firmwareqfs2608_firmwareqat3519qcs4290sd205_firmwareqdm5620qpa5460_firmwarepmd9655_firmwarepmc1000hpmm8195aupmd9607_firmwarewtr4905_firmwareqbt1000_firmwaresd8655gqfe4302_firmwareqtc800h_firmwarepmi8952_firmwareqln5020qpa8803sm7250p_firmwaresd855wtr6955_firmwareqat3555_firmwareqpm5870pm8350c_firmwarepm4250sdr8250_firmwarepm855b_firmwareqcm4290qln4650_firmwaresmb1381_firmwarepm670argr7640aupmx24_firmwareqcs6125_firmwareqpa4360sdm830_firmwaresdr051_firmwaresd460_firmwareqpm6325_firmwareqca9379_firmwarewsa8810_firmwareqfe4301qln4640qln4642sa8150ppm6250_firmwareqca6174a_firmwareqpm4621_firmwareqtc410spm855awcn3610_firmwareqtc800hpm8350bh_firmwaresdx55m_firmwareqtm525_firmwareapq8096au_firmwaremdm9206smr526_firmwarequalcomm215qsw8574_firmwaresm4125_firmwareqpm4640_firmwaresdm429w_firmwaresdw2500wcn3680bmsm8953pm8953_firmwarepmm8155au_firmwareqpa8842_firmwarewcn6851ar8031qdm2301smb1396sd439qat5568sd455qat3516_firmwarewcd9341qpm5541_firmwareqpm5657pmr735b_firmwarepm456_firmwareqsm7250pmk8350ar8035pm439_firmwarepm8150l_firmwarewcn3680qat3522qpm2630sdm429wqfe4320wcn3660b_firmwarewcn3988_firmwareqpa8675_firmwaresd429sd720gsd768g_firmwaresdx55_firmwareqpm4630_firmwarewcd9375qca6564qdm5650qpa4360_firmwarepmw3100sm4125wcn6856pm8998sd450_firmwaresd765g_firmwarepmm8996au_firmwarepm670_firmwareqcs4290_firmwareqpa8673aqt1000qsm8250pm8953sd665_firmwareqdm3301_firmwarewcd9370qpm8870qdm5652_firmwarepm640lwcn3988pmx50qfe4305smr545sd675qfe2520qat5533msm8953_firmwarepm855lsa515mqca6574_firmwareqat3555pmm8155ausa8155sm6250p_firmwareqfe4303qpa5461_firmwarepm8250qdm4643qfe4308_firmwareqca6320_firmwareqfe4320_firmwareqpm5641_firmwaresd670_firmwaresd662sd480wcd9330_firmwarewcd9371sd855_firmwarepm7150l_firmwarepm8350bhqcc1110sd768gqfe4309_firmwareqsm8250_firmwaresmb1398sd480_firmwareqln1020pm6150l_firmwarepm8150csd660smb1380ar8031_firmwaresdr8250sdx50m_firmwaresd205pme605_firmwareqdm4650qtc800tpmx55csra6640_firmwareqfe2550_firmwaresd845_firmwaresdx20mqpa8842wsa8830_firmwareqpa4340qcs6125qln5020_firmwareqet5100msmb1351_firmwareqet4100pm660qat5522_firmwareqcs410smb2351_firmwarepm640a_firmwaresd429_firmwareqpm6585qpm5875_firmwareqca6174_firmwarewcn3998pm855bmdm9607_firmwaresmb1355_firmwareqpm5641sm6250_firmwaresmb1358wcn6850pmd9607sa8155p_firmwareqdm5671wtr2965mdm9626pm640pwtr3925_firmwaresmb1360pm670lpmr525qpa5373_firmwarewcn3910_firmwaresd670qpa8673_firmwareqdm3301qln1020_firmwareqca6426qln4642_firmwarepm3003aapq8017mdm9650_firmwareqpm6582wcn3910apq8096ausd870_firmwareqca6574a_firmwareqat5515sd450pm660lqualcomm215_firmwarewcd9326qet5100m_firmwaresdx55mpm6150lpmi8998qfe4305_firmwaresd730_firmwareqpm5679sdr051sdr052wcn3980_firmwaresdr735_firmwarepm8009mdm9607qca8337pmx20qcs610_firmwareqpm4621qpm5870_firmwareqdm2305qca6574au_firmwareqtc410s_firmwarewsa8835sdx20m_firmwaresa8155_firmwaremsm8909wfsm10056qpm4641_firmwareqpm5541smb1357qtc801sqdm5679_firmwareqat3518qpm5670_firmwaresdr660_firmwarepm8150_firmwarepmd9655qpm5875qfe2101sd8885gsmb1390qfe4302wcn3980qdm5621_firmwaresa6155_firmwarepm7250bpm660a_firmwaresdx55qcs405_firmwareqet6110_firmwareqca6574ausdm630_firmwaresa6145p_firmwareqtc801s_firmwarepm6125_firmwareqat3514_firmwarepm660_firmwaresmb1351smb1390_firmwarecsra6620smb1354smr545_firmwarewcn3990sa6155p_firmwareqln5030_firmwareqca6431_firmwaresd675_firmwareqca6564au_firmwareqca6320pm640aqpa8802_firmwarepm8005_firmwarepmi8998_firmwareqsw8573_firmwaremdm9628_firmwareqpm4650qpm6582_firmwaresa2150p_firmwaresdr865qcc1110_firmwarepm8008wcn6855qca6564ausd632msm8917sdx20wcn6851_firmwarepm7150afsm10055qdm5677_firmwarepmx55_firmwareqpa5581rsw8577qln5030Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesMultiple Chipsets
CWE ID-CWE-416
Use After Free
CVE-2025-47354
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.64%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 03:18
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption while allocating buffers in DSP service.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qmp1000sm8750p_firmwaresm6475_firmwarewcn7861sm7435_firmwaresm8750psnapdragon_4_gen_2_mobile_platform_firmwarewcd9385wsa8845sw5100p_firmwarewsa8835_firmwarewsa8810fastconnect_7800_firmwaresm8750_firmwarewcn7881wcn7880_firmwarewsa8835wcd9395wcd9378_firmwarewcn7750wcn7860wcn7881_firmwarefastconnect_6700wsa8830wsa8840sm8735wcd9385_firmwaresw5100psnapdragon_6_gen_1_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwarewsa8830_firmwarewsa8832_firmwarewcn6755_firmwarefastconnect_6700_firmwarewcd9375_firmwarewcn3988_firmwarewcn7860_firmwarewcd9380wcd9378sw5100wsa8832sxr2350pwcn3950_firmwarewcd9375fastconnect_6200_firmwarewcd9380_firmwaresm8735_firmwarefastconnect_7800snapdragon_6_gen_1_mobile_platform_firmwarewsa8815wcd9370sm7435sm6475wsa8815_firmwaresxr2330pwcd9395_firmwarewcn6755wsa8845hsw5100_firmwarewcn7880wcn3988sxr2330p_firmwarewsa8845_firmwaresnapdragon_4_gen_2_mobile_platformfastconnect_6200wcd9370_firmwarewsa8840_firmwarewcn7750_firmwareqmp1000_firmwaresnapdragon_w5\+_gen_1_wearable_platformsm8750wcn3950wsa8810_firmwarewcn7861_firmwarewsa8845h_firmwaresxr2350p_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-47339
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.74%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 22:48
Updated-27 Jan, 2026 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption while deinitializing a HDCP session.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9375_firmwareqam8295p_firmwarewcn3988_firmwareqcm5430ipq8070_firmwareqca9889sa7255p_firmwareimmersive_home_214_platformqca6595au_firmwareqam8255pwcn7860_firmwarewcn7861qca6574au_firmwaresm7635pqcn6132_firmwaresc8380xpsa8650p_firmwaresrv1lipq4018_firmwareqam8775p_firmwareqca9980snapdragon_auto_5g_modem-rf_gen_2_firmwareqca6174aipq8068_firmwareqca6428ipq6010_firmwaresa6155p_firmwarewsa8845_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqamsrv1mqca9994_firmwaresnapdragon_ar1_gen_1_platform_\"luna1\"_firmwaresm8635pimmersive_home_318_platform_firmwaresm8635_firmwareipq8074ipq8071_firmwareqca6574awcn7881_firmwareqca9990sa9000psa8195p_firmwareqca9984_firmwareqca9898qca6174a_firmwareqca6595ausa8155p_firmwaresm6650psnapdragon_x35_5g_modem-rf_systemsm8750p_firmwaresa6145p_firmwarewcn7860qcs5430sxr2330pipq6000_firmwareqcn9100_firmwareqca8075_firmwaresa8295p_firmwareqcs9100snapdragon_6_gen_1_mobile_platformwcn7881qcn9070qca6584auqcs9100_firmwaresm6650p_firmwareqfw7124_firmwareqcn5052qca9984qfw7114_firmwareqca9980_firmwaresa6150p_firmwarewsa8810qca6574auqca6574a_firmwarewsa8845hqcn5152_firmwareipq4028qca8337_firmwareqcn5122_firmwareqcn9000_firmwarewcn3950immersive_home_316_platformipq8078asm7635p_firmwareimmersive_home_316_platform_firmwarefastconnect_6700_firmwarefastconnect_6900_firmwareqca9985qcm6490_firmwaresdx55_firmwareqca6678aq_firmwaresm7435_firmwarewcd9340_firmwaresrv1hwcn6650_firmwareqcn9274srv1l_firmwareqca9886_firmwaresa8155psm8750pipq8076aqep8111_firmwaresm7675_firmwarewcd9370qcc710_firmwareqca9888_firmwareqcn6224qcn5024csr8811_firmwaresa8145p_firmwareqca9985_firmwareqcn5052_firmwarecsr8811ipq4029_firmwaresa8540p_firmwareipq8078_firmwaresa8150pqca7500qca9986qcn6112_firmwarewsa8840sa7255pipq8074_firmwaresm7435ipq8071a_firmwarear8035snapdragon_6_gen_1_mobile_platform_firmwarewsa8830qca9886qmp1000sa6145pqcn6023_firmwareipq8174_firmwareipq5028snapdragon_auto_5g_modem-rf_gen_2sa8770p_firmwaresm6475ipq5010qcs6490qcn9024_firmwareqca6678aqsnapdragon_x35_5g_modem-rf_system_firmwaresa9000p_firmwareqmp1000_firmwareqca6438wsa8815_firmwarewsa8835qca9888ipq4019_firmwaresa8620pqca9986_firmwareqca6696qcn6122qca9898_firmwarewcd9380_firmwarewcn3988qca6428_firmwareqcn9022qcn9100video_collaboration_vc3_platformwsa8815qcs6490_firmwarear9380_firmwaresa8145pqcn5154_firmwaresa8195pipq8074aipq8078sa8620p_firmwaresm6475_firmwareqca9990_firmwaresnapdragon_x32_5g_modem-rf_systemqam8620p_firmwaresm4635wcd9378qcn5024_firmwareqcn5124_firmwaresxr2350p_firmwaresa8770pqcn9072qcn6023qcn6274_firmwarewcn7861_firmwareqca8075qcn9072_firmwareqca9889_firmwaresm8735_firmwaresm8650q_firmwareipq8064qam8620pqcn5152snapdragon_8_gen_3_mobile_platformwcd9375ipq6028qca6574snapdragon_4_gen_2_mobile_platform_firmwareipq4029qca9880_firmwaresm8635p_firmwareqca8081sm6650_firmwarewcn7880ipq8072aipq8071ipq8173qcn9274_firmwareqcn9074_firmwareimmersive_home_216_platformqca9994ipq4028_firmwareipq8070a_firmwareipq8078a_firmwareqamsrv1h_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcn7750ipq8074a_firmwarewcd9395_firmwareipq8072_firmwaresm8750sm4635_firmwareqcn9022_firmwareqam8255p_firmwareqca9992wsa8810_firmwaresa8150p_firmwareqca8081_firmwaresrv1h_firmwareqca4024ipq5010_firmwareqca6696_firmwareqca6584au_firmwaresdx55qfw7114ipq8076_firmwaresnapdragon_ar1_gen_1_platform_firmwaresa7775pqca6698aq_firmwarewsa8835_firmwareqca9880qcm5430_firmwareipq8072ipq8065_firmwareqcn5022_firmwareqca6797aq_firmwareqcn6122_firmwaresa8775pipq5028_firmwareqcn6024ipq8076a_firmwaresxr2330p_firmwareipq6010qcn9070_firmwaresrv1mfastconnect_6200_firmwareqam8650pqca6574_firmwareqam8650p_firmwarewcn6755_firmwareqcn5164_firmwareipq8071asnapdragon_x75_5g_modem-rf_systemqcn5122qca6438_firmwareipq8070aqam8775pipq8064_firmwareipq8068sm7635_firmwarewcn3950_firmwarewcn7750_firmwaresm6650ipq6018qcn5164sa8650pqcn6024_firmwareimmersive_home_216_platform_firmwaresrv1m_firmwarewcn6650qca6797aqfastconnect_6200sm8735sxr2350psm7635snapdragon_x75_5g_modem-rf_system_firmwareipq8070sm8635ipq4018qcn9000snapdragon_4_gen_2_mobile_platformfastconnect_6900qep8111qcn6274qca4024_firmwarewsa8832qcn5154sa8775p_firmwarewcn6755qcn6112ipq6018_firmwarewcd9390fastconnect_7800qcn5124wsa8832_firmwareqamsrv1hqca6698aqsa8255pipq8173_firmwaresm8750_firmwareipq6000sa6155psnapdragon_x32_5g_modem-rf_system_firmwareimmersive_home_214_platform_firmwareipq8072a_firmwareqcn9024qca6688aq_firmwaresa8540psm7675pwcd9385qcs5430_firmwareipq4019qca6688aqwcd9340fastconnect_7800_firmwaresnapdragon_ar1_gen_1_platformwsa8830_firmwareqamsrv1m_firmwarewsa8840_firmwarewcn7880_firmwarewcd9385_firmwareipq8076qca8337qfw7124qca9992_firmwareqam8295pqca6595qcn6224_firmwarear9380ipq8174qca6595_firmwaresnapdragon_x72_5g_modem-rf_systemsm7675qcm6490sm7675p_firmwarewcd9378_firmwareqcs615_firmwarewcd9370_firmwarear8035_firmwareipq8065wsa8845qcn6132qca7500_firmwareqcc710wsa8845h_firmwaresnapdragon_ar1_gen_1_platform_\"luna1\"sa6150pwcd9395qcs615qcn5022ipq6028_firmwareqcn9074sc8380xp_firmwarewcd9380sa7775p_firmwaresa8255p_firmwaresa8295pimmersive_home_318_platformfastconnect_6700wcd9390_firmwaresm8650qSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2021-37652
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.68%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 21:15
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use after free in boosted trees creation in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.BoostedTreesCreateEnsemble` can result in a use after free error if an attacker supplies specially crafted arguments. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/boosted_trees/resource_ops.cc#L55) uses a reference counted resource and decrements the refcount if the initialization fails, as it should. However, when the code was written, the resource was represented as a naked pointer but later refactoring has changed it to be a smart pointer. Thus, when the pointer leaves the scope, a subsequent `free`-ing of the resource occurs, but this fails to take into account that the refcount has already reached 0, thus the resource has been already freed. During this double-free process, members of the resource object are accessed for cleanup but they are invalid as the entire resource has been freed. We have patched the issue in GitHub commit 5ecec9c6fbdbc6be03295685190a45e7eee726ab. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-416
Use After Free
CWE ID-CWE-415
Double Free
CVE-2025-32709
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.76% / 73.13%
||
7 Day CHG-0.08%
Published-13 May, 2025 | 16:58
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-06-03||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_server_2016windows_10_1507windows_10_22h2windows_server_2012windows_server_2008windows_11_24h2windows_11_23h2windows_10_1809windows_server_2022windows_server_2025windows_11_22h2windows_server_2022_23h2windows_10_1607windows_server_2019Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809Windows
CWE ID-CWE-416
Use After Free
CVE-2025-32712
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.64%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 17:02
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2022_23h2windows_10_1607windows_10_21h2windows_server_2008windows_server_2012windows_server_2019windows_11_23h2windows_server_2022windows_11_24h2windows_10_1809windows_server_2025windows_server_2016windows_11_22h2windows_10_22h2Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2025-32701
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.54% / 81.20%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 16:58
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-06-03||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Windows Common Log File System Driver Elevation of Privilege Vulnerability

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_server_2012windows_server_2008windows_10_21h2windows_11_23h2windows_11_24h2windows_server_2022windows_10_1607windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2025windows_server_2019windows_server_2016Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809Windows
CWE ID-CWE-416
Use After Free
CVE-2025-32332
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.39%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 18:33
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple locations, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2025-30377
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.4||HIGH
EPSS-0.42% / 61.83%
||
7 Day CHG+0.03%
Published-13 May, 2025 | 16:58
Updated-13 Feb, 2026 | 19:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-exceloffice_online_serveroffice_long_term_servicing_channel365_appsofficeMicrosoft Office LTSC 2024Microsoft 365 Apps for EnterpriseMicrosoft Office LTSC for Mac 2021Microsoft Office LTSC for Mac 2024Microsoft Office for AndroidMicrosoft Office LTSC 2021Microsoft Office 2019Microsoft Office 2016
CWE ID-CWE-416
Use After Free
CVE-2025-30385
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.37% / 58.48%
||
7 Day CHG+0.02%
Published-13 May, 2025 | 16:59
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Common Log File System Driver Elevation of Privilege Vulnerability

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_server_2016windows_10_22h2windows_11_23h2windows_11_22h2windows_10_1607windows_server_2019windows_server_2022_23h2windows_server_2025windows_11_24h2windows_server_2008windows_10_1809windows_server_2022windows_10_21h2Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2017-0263
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-17.77% / 95.03%
||
7 Day CHG+2.03%
Published-12 May, 2017 | 14:00
Updated-22 Oct, 2025 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-08-10||Apply updates per vendor instructions.

The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_10_1507windows_server_2012windows_server_2008windows_10_1703windows_10_1607windows_rt_8.1windows_8.1windows_server_2016windows_10_1511Microsoft WindowsWin32k
CWE ID-CWE-416
Use After Free
CVE-2025-30232
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.03% / 7.21%
||
7 Day CHG~0.00%
Published-27 Mar, 2025 | 00:00
Updated-30 Sep, 2025 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.

Action-Not Available
Vendor-Exim
Product-eximExim
CWE ID-CWE-416
Use After Free
CVE-2025-33217
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.37%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 17:46
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Display Driver for Windows contains a vulnerability where an attacker could trigger a use after free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.

Action-Not Available
Vendor-NVIDIA Corporation
Product-RTX PRO, RTX, QuadroGeForceTesla
CWE ID-CWE-416
Use After Free
CVE-2025-29970
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.83%
||
7 Day CHG+0.03%
Published-13 May, 2025 | 16:58
Updated-13 Feb, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Brokering File System Elevation of Privilege Vulnerability

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_server_2025windows_11_24h2Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025
CWE ID-CWE-416
Use After Free
CVE-2025-27056
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.48%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:49
Updated-21 Jul, 2025 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption during sub-system restart while processing clean-up to free up resources.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn7750_firmwaresw5100_firmwarewcn7860sxr2330p_firmwarewcn7880snapdragon_8_gen_3_mobilewsa8830_firmwaresw5100wsa8845wsa8832_firmwaresm8750p_firmwaresnapdragon_w5\+_gen_1_wearable_firmwarewcd9378_firmwarewcn7861wcd9380_firmwarefastconnect_7800_firmwarewcd9395snapdragon_8_gen_3_mobile_firmwarewcd9380sw5100psm8750psm8750sw5100p_firmwarewcd9378sxr2330pwsa8830wcn7881fastconnect_7800wsa8840_firmwarewsa8845hwsa8845_firmwarewcn7750wcd9390wsa8835sm8735_firmwarewcn7880_firmwarewcn7881_firmwarewsa8840wcd9390_firmwarewsa8835_firmwaresm8735snapdragon_w5\+_gen_1_wearablesm8750_firmwarewcd9395_firmwarewcn7861_firmwarewsa8832qmp1000wsa8845h_firmwareqmp1000_firmwarewcn7860_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-33220
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.37%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 17:48
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

Action-Not Available
Vendor-NVIDIA Corporation
Product-RTX PRO, RTX, QuadroGeForceVirtual GPU ManagerTesla
CWE ID-CWE-416
Use After Free
CVE-2025-27730
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.69% / 71.64%
||
7 Day CHG-0.04%
Published-08 Apr, 2025 | 17:24
Updated-13 Feb, 2026 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Digital Media Elevation of Privilege Vulnerability

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_23h2windows_10_21h2windows_server_2019windows_10_22h2windows_server_2025windows_11_22h2windows_10_1809windows_server_2022_23h2windows_11_24h2Windows Server 2025Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows 11 Version 23H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows 11 version 22H2Windows 10 Version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows 10 Version 22H2Windows Server 2019
CWE ID-CWE-415
Double Free
CWE ID-CWE-416
Use After Free
CVE-2025-27077
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.30%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 15:33
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Software platform based on QNX

Memory corruption while processing message in guest VM.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6698aqsrv1h_firmwaresa8540p_firmwaresa8650p_firmwaresa8255pqamsrv1m_firmwareqca6574ausa8775p_firmwaresrv1m_firmwareqam8620p_firmwaresa8770p_firmwareqamsrv1h_firmwareqam8255p_firmwaresa8295pqca6696_firmwareqca6797aq_firmwareqam8775p_firmwaresa8255p_firmwareqam8255pqam8775pqam8295p_firmwaresa7255p_firmwaresa7775psrv1msa8540psa8770pqca6688aq_firmwareqca6595_firmwareqam8295pqca6595ausa9000psa8620p_firmwaresa8650pqca6797aqqamsrv1mqca6696qam8620psa8295p_firmwaresrv1l_firmwaresrv1hqca6688aqqca6595au_firmwareqca6574au_firmwareqam8650p_firmwaresa9000p_firmwaresa7775p_firmwaresrv1lqca6595qam8650psa7255psa8620pqca6698aq_firmwaresa8775pqamsrv1hSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-27050
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.48%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:49
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera

Memory corruption while processing event close when client process terminates abruptly.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8845_firmwarewsa8840wcd9370sc8180xp-aaab_firmwarewcd9340_firmwarewcd9385sc8380xpwcd9341_firmwaresnapdragon_7c\+_gen_3_compute_firmwarefastconnect_6700qca6420sc8180xp-adsc8280xp-abbbqca6430wsa8815_firmwarewcd9370_firmwaresc8180xp-ad_firmwareqcm6490_firmwaresc8180xp-aaabwcd9340wcd9341qcm6490wsa8810_firmwarewsa8845h_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresc8180xp-acafsnapdragon_7c\+_gen_3_computewsa8835wsa8840_firmwareqca6391_firmwareqca6430_firmwarefastconnect_6800_firmwareqcs5430wsa8845hwcd9380_firmwareqcm5430sm6250_firmwaresc8180x-ad_firmwareqcm5430_firmwaresc8180x-acafwsa8815wsa8830sc8180x\+sdx55_firmwaresc8380xp_firmwarefastconnect_6800wcd9375_firmwarefastconnect_7800_firmwarefastconnect_6900qca6391qcs5430_firmwaresc8180x\+sdx55wcd9385_firmwaresm6250fastconnect_6900_firmwarewcd9380sc7180-acfastconnect_6200sc8280xp-abbb_firmwarefastconnect_7800sc8180x-acaf_firmwaresc7180-adsc7180-ad_firmwarewcd9375wsa8845fastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresc8180x-adwsa8835_firmwaresc8180x-aaabwsa8810sc8180x-aaab_firmwareqcs6490sc7180-ac_firmwaresc8180xp-acaf_firmwarefastconnect_6200_firmwarewsa8830_firmwarevideo_collaboration_vc3_platformaqt1000Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-27037
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.30%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 15:33
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Driver

Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3988_firmwaresw5100snapdragon_xr2_5g_platformfastconnect_6900wcn3680bqca6696_firmwaresnapdragon_x55_5g_modem-rf_systemqca6436wsa8830_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)qcn9074_firmwarefastconnect_7800sa8145pwcd9380_firmwaresa8155pwsa8830sa8195p_firmwaresd865_5g_firmwareqca6391qca6696sa8195psa8295p_firmwareqca6391_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574au_firmwaresa8145p_firmwaresa6150p_firmwaresa6155p_firmwaresw5100pfastconnect_6800qca6426wsa8810_firmwarewcd9380snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)snapdragon_x55_5g_modem-rf_system_firmwareqca6574auqcn9074wcn3980_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwaresa8295pwcn3680b_firmwaresa8150p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformsa8150pwsa8835sw5100p_firmwareqam8295p_firmwareqca6426_firmwaresa6145psa6155psa6145p_firmwareqam8295pwsa8835_firmwarewcn3660b_firmwarewsa8815_firmwaresd865_5gfastconnect_6900_firmwarefastconnect_6800_firmwaresxr2130_firmwarewcn3988wsa8810snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresnapdragon_865_5g_mobile_platform_firmwarewcn3980sxr2130sa6150pqca6436_firmwaresnapdragon_8_gen_1_mobile_platformsw5100_firmwarefastconnect_7800_firmwaresa8155p_firmwarewcn3660bwsa8815Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-26594
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.09%
||
7 Day CHG+0.01%
Published-25 Feb, 2025 | 15:53
Updated-06 Nov, 2025 | 21:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
X.org: xwayland: use-after-free of the root cursor

A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.

Action-Not Available
Vendor-tigervncRed Hat, Inc.X.Org Foundation
Product-tigervncenterprise_linuxx_serverxwaylandRed Hat Enterprise Linux 8.4 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 6Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.4 Telecommunications Update ServiceRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 9.0 Update Services for SAP Solutions
CWE ID-CWE-416
Use After Free
CVE-2023-46708
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-4.3||MEDIUM
EPSS-0.07% / 20.25%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 06:19
Updated-16 Dec, 2024 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wlan has a use after free vulnerability

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmonyopenharmony
CWE ID-CWE-416
Use After Free
CVE-2025-29824
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.50% / 65.58%
||
7 Day CHG+0.02%
Published-08 Apr, 2025 | 17:23
Updated-13 Feb, 2026 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-04-29||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Windows Common Log File System Driver Elevation of Privilege Vulnerability

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_server_2012windows_server_2008windows_10_21h2windows_11_23h2windows_11_24h2windows_server_2022windows_10_1607windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2025windows_server_2019windows_server_2016Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows
CWE ID-CWE-416
Use After Free
CVE-2025-24855
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.19%
||
7 Day CHG~0.00%
Published-14 Mar, 2025 | 00:00
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.

Action-Not Available
Vendor-libxml2 (XMLSoft)
Product-libxsltlibxslt
CWE ID-CWE-416
Use After Free
CVE-2025-24301
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-3.8||LOW
EPSS-0.04% / 11.30%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 03:44
Updated-11 Mar, 2025 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arkcompiler Ets Runtime has an UAF vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-416
Use After Free
CVE-2025-24072
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.18% / 38.92%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 16:59
Updated-13 Feb, 2026 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Local Security Authority (LSA) Server Elevation of Privilege Vulnerability

Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2windows_server_2012windows_server_2025windows_11_23h2windows_10_21h2windows_server_2022windows_10_1607windows_server_2019windows_10_1507windows_server_2008windows_11_22h2windows_server_2016windows_server_2022_23h2windows_10_22h2windows_10_1809Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2025-24044
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.09%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 16:58
Updated-13 Feb, 2026 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2windows_server_2012windows_server_2025windows_11_23h2windows_10_21h2windows_server_2022windows_10_1607windows_server_2019windows_10_1507windows_11_22h2windows_server_2016windows_server_2022_23h2windows_10_22h2windows_10_1809Windows Server 2025Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2025-24298
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-8.4||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-11 Aug, 2025 | 02:55
Updated-12 Aug, 2025 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
liteos_a has an UAF vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-416
Use After Free
CVE-2021-35115
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.37%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar6003_firmwareqca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareqca6564ausdx55m_firmwaremdm9215mdm9615mqca6574ausa6145p_firmwaremdm8215m_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwarewcd9341_firmwaresa6155psa8540pmdm8215mdm9310_firmwareqca6574asa6145pmdm8615m_firmwarewcd9341mdm8615mqca6584au_firmwareapq8096auqca6564aqca6696_firmwaresa8145pqca6696mdm9615mdm8215_firmwaremdm9615m_firmwaresa9000psa8150psa6150psdx55apq8096au_firmwaresa8155pmdm9615_firmwaremdm9215_firmwaresa9000p_firmwaremdm8215mqca6574a_firmwareqca6574au_firmwaresa8195p_firmwaresdx55_firmwarear6003sdx55mmdm9310Snapdragon Auto, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2025-24046
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.18% / 38.92%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 16:59
Updated-13 Feb, 2026 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1607windows_server_2022_23h2windows_server_2019windows_server_2025windows_11_24h2windows_10_22h2windows_10_1507windows_10_21h2windows_10_1809windows_11_22h2windows_server_2022windows_server_2016Windows Server 2025Windows 11 Version 23H2Windows 10 Version 1809Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows 11 version 22H2
CWE ID-CWE-416
Use After Free
CVE-2025-23414
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-3.8||LOW
EPSS-0.04% / 11.30%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 03:44
Updated-11 Mar, 2025 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arkcompiler Ets Runtime has an UAF vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-416
Use After Free
CVE-2025-22438
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.39%
||
7 Day CHG~0.00%
Published-02 Sep, 2025 | 22:11
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In afterKeyEventLockedInterruptable of InputDispatcher.cpp, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2021-34403
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.22%
||
7 Day CHG~0.00%
Published-18 Jan, 2022 | 18:05
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service.

Action-Not Available
Vendor-Google LLCNVIDIA Corporation
Product-shield_experienceandroidSHIELD TV
CWE ID-CWE-416
Use After Free
CVE-2025-21437
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 10:16
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Linux OS

Memory corruption while processing memory map or unmap IOCTL operations simultaneously.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6574sa8255p_firmwareqam8255psrv1m_firmwaresa8195pqam8650psa7255pqam8775p_firmwaresa8775p_firmwaresrv1h_firmwaresa7775pqam8650p_firmwaresa8770p_firmwareqam8295psa8775pqam8620p_firmwareqca6696qam8295p_firmwaresrv1hqca6595srv1l_firmwaresa8155pqam8775psa8155p_firmwareqca6595_firmwareqamsrv1hqca6574ausrv1msa8295p_firmwaresa8620p_firmwareqca6698aq_firmwareqamsrv1msa6155p_firmwareqamsrv1m_firmwareqca6595au_firmwareqca6696_firmwaresa8650p_firmwaresa9000pqamsrv1h_firmwareqca6688aqsa9000p_firmwaresa8650pqca6574a_firmwaresa7255p_firmwareqam8255p_firmwaresa8770pqca6574au_firmwaresa8620pqca6574_firmwareqca6595auqca6698aqqca6688aq_firmwareqam8620psa6155psa7775p_firmwaresa8195p_firmwaresa8255psa8295pqca6797aqqca6574aqca6797aq_firmwaresrv1lSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-21474
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.48%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:25
Updated-19 Aug, 2025 | 13:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in BTHOST

Memory corruption while processing commands from A2dp sink command queue.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8_gen_1_mobile_platformsw5100psw5100_firmwarewcn3660b_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresa6145p_firmwarewcn3988wsa8835sa6155p_firmwareqca6426sa8195psnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)sa8295psnapdragon_x55_5g_modem-rf_systemqca6391qcs610sa8145p_firmwaresa8295p_firmwaresa8150pwcn3950_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqcn9074_firmwaresa6150p_firmwarewcn3980qam8295p_firmwarewcn3988_firmwarefastconnect_7800_firmwaresw5100p_firmwareqca6574au_firmwarewsa8830video_collaboration_vc1_platform_firmwaresa8145pwsa8815_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwarewsa8810wcd9370_firmwarefastconnect_6800wcn3680b_firmwareqca6426_firmwaresa6150psnapdragon_xr2_5g_platform_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwareqca6696sw5100snapdragon_870_5g_mobile_platform_\(sm8250-ac\)sd865_5gqca6574auwcn3680bsxr2130wsa8810_firmwarewcd9380_firmwarewsa8835_firmwarewcd9341snapdragon_xr2_5g_platformqca6436qcs610_firmwarewcd9370qam8295psnapdragon_8_gen_1_mobile_platform_firmwarewcn3660bqca6696_firmwarefastconnect_6800_firmwaresa6155pwcn3950wsa8815wcd9341_firmwaresa6145pvideo_collaboration_vc1_platformfastconnect_7800qcn9074qcs410snapdragon_865_5g_mobile_platformfastconnect_6900_firmwaresxr2130_firmwaresnapdragon_865_5g_mobile_platform_firmwareqca6436_firmwarewcn3980_firmwarefastconnect_6900qcs410_firmwaresa8155p_firmwarevideo_collaboration_vc3_platformsd865_5g_firmwaresa8155psnapdragon_w5\+_gen_1_wearable_platformsa8150p_firmwareqca6391_firmwarewsa8830_firmwarewcd9380sa8195p_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-21436
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 10:16
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100psm8735_firmwaresw5100p_firmwarewsa8845_firmwarewcn7880_firmwarewsa8832_firmwaresm8750p_firmwarewcd9390wsa8835sw5100_firmwarewsa8830_firmwarewcd9395wsa8845wsa8840sxr2330pfastconnect_7800wsa8845h_firmwarefastconnect_7800_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresm8750wsa8830snapdragon_w5\+_gen_1_wearable_platform_firmwarewcn7880wsa8832snapdragon_w5\+_gen_1_wearable_platformsw5100wcd9378wsa8835_firmwarewcn7860sm8735sm8750psnapdragon_8_gen_3_mobile_platformwcn7861_firmwarewsa8840_firmwarewcn7750qmp1000wcn7881wcn7860_firmwaresm8750_firmwareqmp1000_firmwarewcd9378_firmwarewsa8845hsxr2330p_firmwarewcd9390_firmwarewcd9380_firmwarewcd9395_firmwarewcn7861wcn7750_firmwarewcd9380wcn7881_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-21456
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.48%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:25
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in NPU

Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqam8255psa8195psa7255pqam8775p_firmwarevideo_collaboration_vc1_platformsa7775pqam8650p_firmwarewsa8810_firmwareqcs610_firmwareqca6696qcc710qam8775pqca6174a_firmwaresw5100sa6150p_firmwarewsa8835_firmwareqca6698aq_firmwarewcn3660b_firmwaresa6155p_firmwareqcs410_firmwarec-v2x_9150_firmwarewcn3680bsnapdragon_x72_5g_modem-rf_system_firmwaresa8530p_firmwareqcc710_firmwareqfw7124sa8620pwcd9370sa8295pqca8337wcd9380snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwarewsa8815_firmwarefastconnect_6900_firmwaresa8540p_firmwareqam8650psa8150p_firmwareqcn6274_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platformwcn3980qca6574auwcn3988snapdragon_x75_5g_modem-rf_systemqca6584au_firmwaresa9000psa9000p_firmwareqca6584auqam8255p_firmwaresnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)ar8035sa8195p_firmwarewcd9380_firmwareqca6797aq_firmwarewsa8830_firmwaresa8540psa8255p_firmwarear8035_firmwarewsa8835qam8295psa8775pfastconnect_7800qca8081_firmwareqca8337_firmwaresa8155pwcn3660bwsa8830sa8155p_firmwarewcn3988_firmwareqcn6224video_collaboration_vc1_platform_firmwaresa8295p_firmwaresa8620p_firmwaresa6145pwcd9385snapdragon_auto_5g_modem-rf_gen_2qca6696_firmwaresa8530psa8650p_firmwaresnapdragon_x72_5g_modem-rf_systemwcd9385_firmwarewcn3680b_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pqcs610wcn3950_firmwaresa6150pwcd9370_firmwaresa7255p_firmwareqca6574au_firmwarewsa8815snapdragon_888_5g_mobile_platformsa7775p_firmwaresa8255pwcd9341wsa8810sa6145p_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6797aqsnapdragon_x75_5g_modem-rf_system_firmwareqcn6274c-v2x_9150qfw7114sw5100p_firmwareqfw7114_firmwarewcd9340sa8775p_firmwarevideo_collaboration_vc3_platformsw5100_firmwarewcn3980_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8295p_firmwarefastconnect_7800_firmwareqca8081wcd9340_firmwaresa8145p_firmwarefastconnect_6900sa8150pwcd9341_firmwaresa8650pqca6174aqca6698aqsa6155pwcn3950qfw7124_firmwareqcs410qcn6224_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2021-34498
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 46.58%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 17:54
Updated-19 Nov, 2024 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows GDI Elevation of Privilege Vulnerability

Windows GDI Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Windows 10 Version 1607Windows Server version 2004Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2025-21466
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.48%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:49
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Display

Memory corruption while processing a private escape command in an event trigger.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8845_firmwarewsa8840wcd9370snapdragon_7c_gen_2_compute_firmwaresc8180xp-aaab_firmwarewcd9340_firmwarewcd9385sc8380xpwcd9341_firmwaresnapdragon_7c\+_gen_3_compute_firmwarefastconnect_6700qca6420sc8180xp-adsc8280xp-abbbqca6430wsa8815_firmwarewcd9370_firmwaresc8180xp-ad_firmwareqcm6490_firmwaresc8180xp-aaabwcd9340wcd9341qcm6490wsa8810_firmwarewsa8845h_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresc8180xp-acafsnapdragon_7c\+_gen_3_computewsa8835wsa8840_firmwareqca6391_firmwareqca6430_firmwarefastconnect_6800_firmwareqcs5430wsa8845hwcd9380_firmwareqcm5430sm6250_firmwaresc8180x-ad_firmwareqcm5430_firmwaresc8180x-acafwsa8815snapdragon_7c_computewsa8830snapdragon_7c_gen_2_computesc8180x\+sdx55_firmwaresnapdragon_7c_compute_firmwaresc8380xp_firmwarefastconnect_6800wcd9375_firmwarefastconnect_7800_firmwarefastconnect_6900qca6391qcs5430_firmwaresc8180x\+sdx55wcd9385_firmwaresm6250fastconnect_6900_firmwarewcd9380fastconnect_6200sc8280xp-abbb_firmwarefastconnect_7800sc8180x-acaf_firmwarewcd9375wsa8845fastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresc8180x-adwsa8835_firmwaresc8180x-aaabwsa8810sc8180x-aaab_firmwareqcs6490sc8180xp-acaf_firmwarefastconnect_6200_firmwarewsa8830_firmwarevideo_collaboration_vc3_platformaqt1000Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-21453
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in GPS HLOS Driver

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd865_5gsnapdragon_632_mobileqca6595sm8735qca8081_firmwaresnapdragon_670_mobileqam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9395_firmwareqcn6024wcn7750qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilefastconnect_6700wcn3610sa4150psnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qca6574au_firmwaresnapdragon_x72_5g_modem-rfsm6370qca6564_firmwareqam8295pwcd9341sd626_firmwaresnapdragon_x12_lte_modemsnapdragon_888\+_5g_mobile_firmware205_mobilewsa8810_firmwaresd730_firmwarewsa8845h_firmwaresnapdragon_212_mobilesa9000p_firmwareqcs9100fastconnect_6800_firmwareqcs5430wcn7860sd835_firmwareqcm5430_firmwaresa4155pvideo_collaboration_vc1_platform_firmwaresa8770psnapdragon_678_mobile_firmwaresnapdragon_425_mobilesnapdragon_632_mobile_firmwaresa8540pvideo_collaboration_vc1_platformsa7255pqep8111sm8635snapdragon_730_mobile_firmwarewcd9385_firmwarevision_intelligence_200qca6310wcd9360snapdragon_680_4g_mobilesa6155psnapdragon_212_mobile_firmwareqca6564au_firmwaresnapdragon_429_mobile_firmwareqam8650psa9000psnapdragon_888_5g_mobile_firmwaresxr2250p_firmwaresnapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwaresd835snapdragon_x55_5g_modem-rfsnapdragon_4_gen_2_mobile_firmwareqca6436_firmwaresnapdragon_695_5g_mobile_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresnapdragon_x62_5g_modem-rf_firmwareqca6420wcn3910csrb31024qca9367wcn3660bqca6574asnapdragon_x72_5g_modem-rf_firmwareqca6174awcd9340qcm2290talynplussnapdragon_auto_5g_modem-rf_gen_2snapdragon_835_mobile_pc_firmwaresxr2250psm8550p_firmwarewcn3988qcm8550snapdragon_765_5g_mobile_firmwareqcn9024vision_intelligence_300_firmwareqca6574215_mobileqamsrv1hqcs410qcm2290_firmwarevision_intelligence_100sm8650qsnapdragon_765g_5g_mobile_firmwaresa8155pwsa8830smart_display_200_firmwaresm8550psa6145psnapdragon_625_mobile_firmwaresa8255p_firmwaresm7635_firmwaresnapdragon_4_gen_2_mobilewcn7750_firmwaresa8650p_firmwarewcn6450_firmwaresrv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwaresnapdragon_429_mobilewcn3950_firmwarefastconnect_6200sm7325p_firmwarewcd9360_firmwarewcd9378snapdragon_480_5g_mobile_firmwaresnapdragon_210_firmwaresnapdragon_660_mobile_firmwaresm8635p_firmwaresm6650p_firmwaresnapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarerobotics_rb3_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobilesnapdragon_210qcn6224_firmwarevision_intelligence_100_firmwaresd660_firmwaresdx61_firmwaresnapdragon_750g_5g_mobile_firmwaresnapdragon_480_5g_mobilesrv1lsxr2130_firmwaresrv1msm7675psnapdragon_860_mobile_firmwarear8035_firmwaresnapdragon_778g\+_5g_mobilesd888_firmwaresnapdragon_x62_5g_modem-rfqcs6125_firmwarewsa8815_firmwareqca8337_firmwaresnapdragon_x12_lte_modem_firmwaresm7250p_firmwaresm4635_firmwarewcn3680_firmwaresa2150p_firmwarewcn3950snapdragon_730g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresmart_audio_400_firmwaresa4155p_firmwaresnapdragon_720g_mobilesm7250pcsrb31024_firmwaresa8155sd888wcn6755_firmwaresnapdragon_675_mobile_firmwaresnapdragon_768g_5g_mobileqca6310_firmwaresd626fastconnect_6800snapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwareqmp1000_firmwarewcn7880wcn6755sxr2330pwcn7881video_collaboration_vc3_platformqcm2150_firmware215_mobile_firmwareqca6698aq_firmwareqcs2290qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615qca9367_firmwarewcn3680sa8255pwcd9390_firmwareqep8111_firmwareqcs615_firmwareqca6430snapdragon_855\+_mobilesnapdragon_765_5g_mobilesnapdragon_860_mobilesnapdragon_auto_5g_modem-rfsm8750_firmwaresnapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwareqamsrv1mwcn7861qam8650p_firmwareqca6420_firmwareqcs6490_firmwaresm6650_firmwaresd855_firmwarewcn3980_firmwareqam8620pqca6436wcd9335_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqcs4290_firmwareqcs8300qca8081csra6620sd660wsa8815mdm9628qam8775pqca9377qcm4325_firmwaresnapdragon_439_mobile_firmwaresnapdragon_720g_mobile_firmwareqcm4290_firmwaresnapdragon_710_mobileqcn9274_firmwareqcs5430_firmwaresnapdragon_x32_5g_modem-rfsg4150p_firmwarecsra6620_firmwareqcs8550sa8650psnapdragon_626_mobileqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwaresnapdragon_xr1wcd9375snapdragon_636_mobilesa8145psnapdragon_8\+_gen_1_mobile_firmwaresmart_display_200sm7675p_firmwarewcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwareqcm8550_firmwareapq8017sa6150p_firmwarewcn6650qcs410_firmwarerobotics_rb3sw5100psxr1120qcs610_firmwarewcd9335wcd9370qca6696wcd9341_firmwaresxr2330p_firmwarewcn7881_firmwarewcn6450wcn6740_firmwaresnapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilevision_intelligence_200_firmwaresnapdragon_685_4g_mobilesnapdragon_x50_5g_modem-rf_firmwaresnapdragon_auto_4g_modemsnapdragon_690_5g_mobile_firmwareqca6574auwcd9390sa8620p_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresrv1hsm8650q_firmwarewcn3660b_firmwaresd730snapdragon_690_5g_mobileqcn6024_firmwaresnapdragon_636_mobile_firmwareqcm5430snapdragon_625_mobileqcm6125_firmwareqcc710snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmware315_5g_iot_modem_firmwarefastconnect_6900robotics_rb2snapdragon_w5\+_gen_1_wearable_firmwareqfw7114315_5g_iot_modemqam8255p_firmwaresa8155_firmwaresdx61qca6335snapdragon_x65_5g_modem-rfqcs4490snapdragon_730_mobilewsa8845snapdragon_626_mobile_firmwareqcm6125wsa8810srv1h_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwarewcd9326_firmwaresnapdragon_845_mobile_firmwarewsa8840srv1m_firmwaresnapdragon_x35_5g_modem-rf_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobileqcs8550_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresm8750pqcn9012qcs4490_firmwarewcn3910_firmwaresm8635psnapdragon_460_mobilesnapdragon_8_gen_2_mobileqmp1000wcd9370_firmwarerobotics_rb2_firmwaresa7255p_firmwaresnapdragon_8\+_gen_2_mobilesa8195pqca6335_firmwaresa8540p_firmwareqcm6490sm6370_firmwaresnapdragon_662_mobileqcn9274sa8775psxr2230p_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwareqcn9011sa8775p_firmwaresmart_audio_400wsa8845hqcn9024_firmwaresa6150pwcd9326sa8155p_firmwaresnapdragon_630_mobileqca6564asnapdragon_768g_5g_mobile_firmwaresm7675_firmwarear8035qamsrv1m_firmwareqca6564sa6155qcm4325qcn6224qcs615sa7775p_firmwareqca6698aqsm6250sm7635sa8530p_firmwaresnapdragon_480\+_5g_mobilesd670wcn3680bsa8145p_firmwaresa8150p_firmwarefastconnect_6700_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwareqcs6490snapdragon_695_5g_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqca6678aq_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwarewcd9378_firmwareqca6678aqsnapdragon_x35_5g_modem-rf205_mobile_firmwarewcn7860_firmwaresa4150p_firmwareqca6564ausm4635snapdragon_425_mobile_firmwaresa8195p_firmwareqcm4290snapdragon_xr2\+_gen_1sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresm4125qcm4490_firmwarevision_intelligence_400_firmwareqcs6125snapdragon_870_5g_mobile_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobilesnapdragon_870_5g_mobilesnapdragon_678_mobilesm6250_firmwareqca6584auqcn6274_firmwareqcn9011_firmwaresa2150psw5100_firmwarewcn6740wcn6650_firmwaresnapdragon_780g_5g_mobile_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesm8635_firmwareapq8017_firmwarewcd9380sa6145p_firmwaresa6155_firmwareqam8255psxr2230psnapdragon_xr2_5gsa8150psnapdragon_auto_5g_modem-rf_firmwaresm6650sw5100aqt1000snapdragon_4_gen_1_mobile_firmwaresm6650pqca6688aqqam8295p_firmwaresd855wcd9330_firmwarewcn3990_firmwaresm7315snapdragon_660_mobileqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobilesnapdragon_8_gen_1_mobilesnapdragon_630_mobile_firmwarewcd9330wcn3610_firmwaresnapdragon_680_4g_mobile_firmwareqcs4290snapdragon_865\+_5g_mobilesg8275psdx55_firmwarewcn3615_firmwaresxr2130qcm4490snapdragon_480\+_5g_mobile_firmwarewcn7861_firmwareqca6174a_firmwaresm7325psnapdragon_732g_mobile_firmwaresnapdragon_x50_5g_modem-rfsnapdragon_670_mobile_firmwareaqt1000_firmwareqca6584au_firmwareqcn6274qfw7124qca6595au_firmwareqcs8300_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqca6797aqmdm9628_firmwaresnapdragon_x75_5g_modem-rfsa8620psdx55qca6574a_firmwaresnapdragon_4_gen_1_mobilesnapdragon_865_5g_mobilesnapdragon_835_mobile_pcsnapdragon_855\+_mobile_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391qcn9012_firmwaresnapdragon_439_mobilesa8770p_firmwaresa8295psm8735_firmwarefastconnect_7800snapdragon_8\+_gen_2_mobile_firmwareqca6688aq_firmwarevision_intelligence_300snapdragon_765g_5g_mobilewcn3988_firmwareqamsrv1h_firmwaresm7675wsa8835_firmwarevision_intelligence_400wcn3980qcm2150snapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 60
  • 61
  • 62
  • 63
  • 64
  • Next
Details not found