Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-22085

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-16 Apr, 2025 | 14:12
Updated At-26 May, 2025 | 05:18
Rejected At-
Credits

RDMA/core: Fix use-after-free when rename device name

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free in nla_put+0xd3/0x150 lib/nlattr.c:1099 Read of size 5 at addr ffff888140ea1c60 by task syz.0.988/10025 CPU: 0 UID: 0 PID: 10025 Comm: syz.0.988 Not tainted 6.14.0-rc4-syzkaller-00859-gf77f12010f67 #0 Hardware name: Google Compute Engine, BIOS Google 02/12/2025 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0x16e/0x5b0 mm/kasan/report.c:521 kasan_report+0x143/0x180 mm/kasan/report.c:634 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105 nla_put+0xd3/0x150 lib/nlattr.c:1099 nla_put_string include/net/netlink.h:1621 [inline] fill_nldev_handle+0x16e/0x200 drivers/infiniband/core/nldev.c:265 rdma_nl_notify_event+0x561/0xef0 drivers/infiniband/core/nldev.c:2857 ib_device_notify_register+0x22/0x230 drivers/infiniband/core/device.c:1344 ib_register_device+0x1292/0x1460 drivers/infiniband/core/device.c:1460 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883 sock_sendmsg_nosec net/socket.c:709 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:724 ____sys_sendmsg+0x53a/0x860 net/socket.c:2564 ___sys_sendmsg net/socket.c:2618 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2650 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f42d1b8d169 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 ... RSP: 002b:00007f42d2960038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f42d1da6320 RCX: 00007f42d1b8d169 RDX: 0000000000000000 RSI: 00004000000002c0 RDI: 000000000000000c RBP: 00007f42d1c0e2a0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f42d1da6320 R15: 00007ffe399344a8 </TASK> Allocated by task 10025: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4294 [inline] __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4313 __kmemdup_nul mm/util.c:61 [inline] kstrdup+0x42/0x100 mm/util.c:81 kobject_set_name_vargs+0x61/0x120 lib/kobject.c:274 dev_set_name+0xd5/0x120 drivers/base/core.c:3468 assign_name drivers/infiniband/core/device.c:1202 [inline] ib_register_device+0x178/0x1460 drivers/infiniband/core/device.c:1384 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net ---truncated---

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:16 Apr, 2025 | 14:12
Updated At:26 May, 2025 | 05:18
Rejected At:
â–¼CVE Numbering Authority (CNA)
RDMA/core: Fix use-after-free when rename device name

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free in nla_put+0xd3/0x150 lib/nlattr.c:1099 Read of size 5 at addr ffff888140ea1c60 by task syz.0.988/10025 CPU: 0 UID: 0 PID: 10025 Comm: syz.0.988 Not tainted 6.14.0-rc4-syzkaller-00859-gf77f12010f67 #0 Hardware name: Google Compute Engine, BIOS Google 02/12/2025 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0x16e/0x5b0 mm/kasan/report.c:521 kasan_report+0x143/0x180 mm/kasan/report.c:634 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105 nla_put+0xd3/0x150 lib/nlattr.c:1099 nla_put_string include/net/netlink.h:1621 [inline] fill_nldev_handle+0x16e/0x200 drivers/infiniband/core/nldev.c:265 rdma_nl_notify_event+0x561/0xef0 drivers/infiniband/core/nldev.c:2857 ib_device_notify_register+0x22/0x230 drivers/infiniband/core/device.c:1344 ib_register_device+0x1292/0x1460 drivers/infiniband/core/device.c:1460 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883 sock_sendmsg_nosec net/socket.c:709 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:724 ____sys_sendmsg+0x53a/0x860 net/socket.c:2564 ___sys_sendmsg net/socket.c:2618 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2650 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f42d1b8d169 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 ... RSP: 002b:00007f42d2960038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f42d1da6320 RCX: 00007f42d1b8d169 RDX: 0000000000000000 RSI: 00004000000002c0 RDI: 000000000000000c RBP: 00007f42d1c0e2a0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f42d1da6320 R15: 00007ffe399344a8 </TASK> Allocated by task 10025: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4294 [inline] __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4313 __kmemdup_nul mm/util.c:61 [inline] kstrdup+0x42/0x100 mm/util.c:81 kobject_set_name_vargs+0x61/0x120 lib/kobject.c:274 dev_set_name+0xd5/0x120 drivers/base/core.c:3468 assign_name drivers/infiniband/core/device.c:1202 [inline] ib_register_device+0x178/0x1460 drivers/infiniband/core/device.c:1384 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net ---truncated---

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/infiniband/core/device.c
Default Status
unaffected
Versions
Affected
  • From 9cbed5aab5aeea420d0aa945733bf608449d44fb before 0d6460b9d2a3ee380940bdf47680751ef91cb88e (git)
  • From 9cbed5aab5aeea420d0aa945733bf608449d44fb before 56ec8580be5174b2b9774066e60f1aad56d201db (git)
  • From 9cbed5aab5aeea420d0aa945733bf608449d44fb before edf6b543e81ba68c6dbac2499ab362098a5a9716 (git)
  • From 9cbed5aab5aeea420d0aa945733bf608449d44fb before 1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/infiniband/core/device.c
Default Status
affected
Versions
Affected
  • 6.12
Unaffected
  • From 0 before 6.12 (semver)
  • From 6.12.23 through 6.12.* (semver)
  • From 6.13.11 through 6.13.* (semver)
  • From 6.14.2 through 6.14.* (semver)
  • From 6.15 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/0d6460b9d2a3ee380940bdf47680751ef91cb88e
N/A
https://git.kernel.org/stable/c/56ec8580be5174b2b9774066e60f1aad56d201db
N/A
https://git.kernel.org/stable/c/edf6b543e81ba68c6dbac2499ab362098a5a9716
N/A
https://git.kernel.org/stable/c/1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd
N/A
Hyperlink: https://git.kernel.org/stable/c/0d6460b9d2a3ee380940bdf47680751ef91cb88e
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/56ec8580be5174b2b9774066e60f1aad56d201db
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/edf6b543e81ba68c6dbac2499ab362098a5a9716
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:16 Apr, 2025 | 15:16
Updated At:25 Apr, 2025 | 18:41

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free in nla_put+0xd3/0x150 lib/nlattr.c:1099 Read of size 5 at addr ffff888140ea1c60 by task syz.0.988/10025 CPU: 0 UID: 0 PID: 10025 Comm: syz.0.988 Not tainted 6.14.0-rc4-syzkaller-00859-gf77f12010f67 #0 Hardware name: Google Compute Engine, BIOS Google 02/12/2025 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0x16e/0x5b0 mm/kasan/report.c:521 kasan_report+0x143/0x180 mm/kasan/report.c:634 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105 nla_put+0xd3/0x150 lib/nlattr.c:1099 nla_put_string include/net/netlink.h:1621 [inline] fill_nldev_handle+0x16e/0x200 drivers/infiniband/core/nldev.c:265 rdma_nl_notify_event+0x561/0xef0 drivers/infiniband/core/nldev.c:2857 ib_device_notify_register+0x22/0x230 drivers/infiniband/core/device.c:1344 ib_register_device+0x1292/0x1460 drivers/infiniband/core/device.c:1460 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883 sock_sendmsg_nosec net/socket.c:709 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:724 ____sys_sendmsg+0x53a/0x860 net/socket.c:2564 ___sys_sendmsg net/socket.c:2618 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2650 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f42d1b8d169 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 ... RSP: 002b:00007f42d2960038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f42d1da6320 RCX: 00007f42d1b8d169 RDX: 0000000000000000 RSI: 00004000000002c0 RDI: 000000000000000c RBP: 00007f42d1c0e2a0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f42d1da6320 R15: 00007ffe399344a8 </TASK> Allocated by task 10025: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4294 [inline] __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4313 __kmemdup_nul mm/util.c:61 [inline] kstrdup+0x42/0x100 mm/util.c:81 kobject_set_name_vargs+0x61/0x120 lib/kobject.c:274 dev_set_name+0xd5/0x120 drivers/base/core.c:3468 assign_name drivers/infiniband/core/device.c:1202 [inline] ib_register_device+0x178/0x1460 drivers/infiniband/core/device.c:1384 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net ---truncated---

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.12(inclusive) to 6.12.23(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.13(inclusive) to 6.13.11(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.14(inclusive) to 6.14.2(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-416
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/0d6460b9d2a3ee380940bdf47680751ef91cb88e416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/56ec8580be5174b2b9774066e60f1aad56d201db416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/edf6b543e81ba68c6dbac2499ab362098a5a9716416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Hyperlink: https://git.kernel.org/stable/c/0d6460b9d2a3ee380940bdf47680751ef91cb88e
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/56ec8580be5174b2b9774066e60f1aad56d201db
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/edf6b543e81ba68c6dbac2499ab362098a5a9716
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

3188Records found
CVE-2021-39634
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.76%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:11
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2023-29336
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-79.46% / 99.06%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 17:03
Updated-28 Oct, 2025 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-05-30||Apply updates per vendor instructions.
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2012windows_server_2008windows_10_1607windows_server_2016Windows 10 Version 1507Windows 10 Version 1607Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 (Server Core installation)Win32k
CWE ID-CWE-416
Use After Free
CVE-2020-0642
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.49% / 65.12%
||
7 Day CHG~0.00%
Published-14 Jan, 2020 | 23:11
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0624.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008WindowsWindows 10 Version 1909 for x64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows ServerWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-416
Use After Free
CVE-2020-0434
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.78%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 18:46
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150730508

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0242
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.21%
||
7 Day CHG~0.00%
Published-11 Aug, 2020 | 19:27
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-151643722

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-667
Improper Locking
CVE-2021-35130
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.16%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaresm6375wsa8830wcn3991sa6150p_firmwareqca8337_firmwaresa8145p_firmwareqcs610wcd9380_firmwaresw5100psd780gqca8337wcn6856_firmwaresd888sdx65wsa8835wcn3950_firmwarewcd9380sa8150p_firmwaresd888_5gqca6595au_firmwareqcs410wcd9370wcn6855_firmwareqca6174asm7325pwcd9335_firmwareqca9377wcn3980wcn3998wcn6750wcd9385_firmwareqam8295pwcn3950sm6375_firmwarewsa8815sm7325p_firmwarewcn6850qam8295p_firmwaresm7315_firmwareqca6574au_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwarewcn3998_firmwarewcn3980_firmwaresm7315qca6391sa8295pwcn6740_firmwaresd778gsa6155p_firmwaresdx65_firmwareqcs6490qcm6490_firmwaresa4155p_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresd778g_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100sd480wsa8810wcn6855wcn6851wcd9335sa6155psw5100p_firmwareqca8081qcs610_firmwarewcn6856sa6145pqca6174a_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresa8145pwcn6740qca6696qca6391_firmwaresa4150p_firmwarear8035wcd9375sd780g_firmwarewcn6750_firmwaresa8150pwcd9370_firmwaresa6150psd888_firmwaresa8155pwsa8830_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwaresdx12qcs410_firmwaresa8295p_firmwaresa4155psa4150par8035_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2021-35077
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 26.81%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwareqcs2290_firmwareqca8337sdx65qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qrb5165n_firmwareqca9377wcn3998wcd9385_firmwarewcn3950sd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresm7315_firmwareqca6574au_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwareqrb5165nsd778gsa6155p_firmwaresm6225qcs6490qrb5165_firmwareqrb5165m_firmwaresd662_firmwarewcn3988_firmwaresa6145p_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwarewcn6851wcd9335sa6155pqca8081qca6174a_firmwareqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwarewcd9375sa8150pwcn3910_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475wcn6750_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325pwcd9335_firmwarewcn6750qca6574_firmwarewsa8815sm7325p_firmwarewcn6850wcn3910sd765qca6574a_firmwaresd768g_firmwareqrb5165msm7315sd460qca6391sdx55mwcn6740_firmwaresdx65_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810wcn6856sa6145psd768gsa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresa8155psm7250psdx12ar8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2020-0026
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.68%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 14:22
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-140419401

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-35115
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.38%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar6003_firmwareqca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareqca6564ausdx55m_firmwaremdm9215mdm9615mqca6574ausa6145p_firmwaremdm8215m_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwarewcd9341_firmwaresa6155psa8540pmdm8215mdm9310_firmwareqca6574asa6145pmdm8615m_firmwarewcd9341mdm8615mqca6584au_firmwareapq8096auqca6564aqca6696_firmwaresa8145pqca6696mdm9615mdm8215_firmwaremdm9615m_firmwaresa9000psa8150psa6150psdx55apq8096au_firmwaresa8155pmdm9615_firmwaremdm9215_firmwaresa9000p_firmwaremdm8215mqca6574a_firmwareqca6574au_firmwaresa8195p_firmwaresdx55_firmwarear6003sdx55mmdm9310Snapdragon Auto, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2021-34498
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 46.56%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 17:54
Updated-19 Nov, 2024 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows GDI Elevation of Privilege Vulnerability

Windows GDI Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Windows 10 Version 1607Windows Server version 2004Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2021-34486
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-34.65% / 96.94%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 18:11
Updated-30 Oct, 2025 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-18||Apply updates per vendor instructions.
Windows Event Tracing Elevation of Privilege Vulnerability

Windows Event Tracing Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1909windows_10_21h1windows_server_2004windows_10_1809windows_server_2019windows_10_2004windows_server_20h2windows_10_20h2Windows Server 2019Windows 10 Version 2004Windows 10 Version 1809Windows Server version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 20H2Windows 10 Version 1909Windows Server version 2004Windows
CWE ID-CWE-416
Use After Free
CVE-2021-34403
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.25%
||
7 Day CHG~0.00%
Published-18 Jan, 2022 | 18:05
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service.

Action-Not Available
Vendor-Google LLCNVIDIA Corporation
Product-shield_experienceandroidSHIELD TV
CWE ID-CWE-416
Use After Free
CVE-2023-21680
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 62.27%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32k Elevation of Privilege Vulnerability

Windows Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2025-10994
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.02% / 5.42%
||
7 Day CHG~0.00%
Published-26 Sep, 2025 | 02:02
Updated-29 Sep, 2025 | 13:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open Babel gamessformat.cpp ReadMolecule use after free

A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited.

Action-Not Available
Vendor-openbabeln/a
Product-open_babelOpen Babel
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-416
Use After Free
CVE-2025-47381
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-Not Assigned
Published-02 Mar, 2026 | 16:53
Updated-03 Mar, 2026 | 04:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Audio

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2022-29919
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.37%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-virtual_raid_on_cpuIntel(R) VROC software
CWE ID-CWE-416
Use After Free
CVE-2021-31188
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.14% / 78.26%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 19:11
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Windows 10 Version 1607Windows Server version 2004Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows 10 Version 1803Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server, version 1909 (Server Core installation)Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2023-21355
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.17%
||
7 Day CHG~0.00%
Published-30 Oct, 2023 | 16:56
Updated-06 Sep, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libaudioclient, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2020-0233
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.78%
||
7 Day CHG~0.00%
Published-11 Jun, 2020 | 14:43
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In main of main.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150225255

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0611
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.19%
||
7 Day CHG~0.00%
Published-27 Sep, 2021 | 11:20
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425810.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6757cdmt6592hmt6873mt6893mt6799mt6580mt6750mt6582emt6755smt6595mt6757cmt6765mt6737mt6883mt6891mt6592tmt6853tmt6739mt6757mt6797mt6769mt6761mt6875mt6889mt6768mt6755mt6592_90mt6771mt6758mt6833mt6732mt6885mt6582tmt6735mt6750smt6753mt6762mt6795mt6877mt6582wmt6853androidmt6757chmt6589tdmt6592emt6589mt6582hmt6582_90mt6752mt6779mt6785mt6731mt6763mt6592wMT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
CWE ID-CWE-416
Use After Free
CVE-2021-31170
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.50%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 19:11
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2019windows_10Windows 10 Version 2004Windows Server version 2004Windows 10 Version 1803Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server, version 1909 (Server Core installation)Windows Server 2019Windows Server version 20H2Windows 10 Version 1909Windows 10 Version 20H2
CWE ID-CWE-416
Use After Free
CVE-2011-1236
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.05% / 77.38%
||
7 Day CHG~0.00%
Published-13 Apr, 2011 | 20:07
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_xpwindows_server_2008windows_server_2003windows_2003_serverwindows_vistan/a
CWE ID-CWE-416
Use After Free
CVE-2011-1874
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.03% / 77.13%
||
7 Day CHG~0.00%
Published-13 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_xpwindows_server_2008windows_server_2003windows_2003_serverwindows_vistan/a
CWE ID-CWE-416
Use After Free
CVE-2025-0015
Matching Score-4
Assigner-Arm Limited
ShareView Details
Matching Score-4
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.55%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 10:21
Updated-18 Dec, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0.

Action-Not Available
Vendor-Arm Limited
Product-valhall_gpu_kernel_driver5th_gen_gpu_architecture_kernel_driverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2020-8750
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.44%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trusted_execution_engineIntel(R) TXE
CWE ID-CWE-416
Use After Free
CVE-2021-30980
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.59% / 68.96%
||
7 Day CHG~0.00%
Published-24 Aug, 2021 | 18:51
Updated-03 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchosipadostvosmac_os_xmacoswatchOSmacOSiOS and iPadOS
CWE ID-CWE-416
Use After Free
CVE-2021-30902
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 22.85%
||
7 Day CHG~0.00%
Published-24 Aug, 2021 | 18:50
Updated-03 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipad_osipadosiOS and iPadOS
CWE ID-CWE-416
Use After Free
CVE-2025-0304
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-8.8||HIGH
EPSS-0.04% / 11.63%
||
7 Day CHG~0.00%
Published-07 Feb, 2025 | 09:21
Updated-12 Feb, 2025 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Liteos_a has an use after free vulnerability

in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-416
Use After Free
CVE-2025-0427
Matching Score-4
Assigner-Arm Limited
ShareView Details
Matching Score-4
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.11%
||
7 Day CHG+0.05%
Published-02 May, 2025 | 09:58
Updated-12 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows access to already freed memory

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r8p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r19p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.

Action-Not Available
Vendor-Arm Limited
Product-5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverbifrost_gpu_kernel_driverArm 5th Gen GPU Architecture Kernel DriverBifrost GPU Kernel DriverValhall GPU Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2019-8526
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.54% / 67.20%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-23 Oct, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-05-08||Apply updates per vendor instructions.

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOSmacOS
CWE ID-CWE-416
Use After Free
CVE-2021-30334
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 25.40%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:10
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337wcd9360_firmwaresdx65wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998qam8295pwcn3950sd720gqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwaresd460_firmwaresm7315_firmwareqca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaremsm8909wapq8009w_firmwarewcd9360wcn3999qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405sd765gsw5100fsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwareqca6696_firmwaresd750gsd870_firmwarewcn3910_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwaresm8475sa8295p_firmwarewcn6750_firmwarewcn3610sm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wsw5100pqca6564ausdx55m_firmwarewcn6856_firmwareqet4101_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx24_firmwareqcn9012_firmwarewcd9335_firmwaresd439_firmwareqsw8573qcs605wcn6850wcn3910qca6426_firmwaresd730sdx55msa8295pwcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603qca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwareqsm8250sa6145psdxr1ar8031qcs405_firmwaresa8145pqca6391_firmwaresa4150p_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439qet4101qcs8155_firmwaresa4155psxr2150par8035_firmwareqcm2290qsm8250_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024csra6620fsm10055_firmwareqcs4290sd765g_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qrb5165n_firmwareqca9377wcd9385_firmwaresdxr2_5g_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155sdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwareqcs8155sa515m_firmwareqcs6490sd429sdxr2_5gsa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd205sd429_firmwaresd778g_firmwaresm6250sa8195psd765_firmwarewcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375sm6250_firmwaresda429wsd210wcn3620_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8835_firmwareqcx315qca6564asa4150pqcm6125_firmwareqcm2290_firmwaresd_675sd780gsd865_5gsdx24qcn9012sd888msm8909w_firmwareqcx315_firmwarewsa8835sdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pwcn6750sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwareqrb5165msm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresd480_firmwareqcn9011qca6574ausa8155p_firmwaresd205_firmwareqcm6125mdm9150wcn6856qca6564_firmwaresd768gwcn6740qca6696sa6150psm7250psd720g_firmwaresw5100_firmwareqcs410_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2025-54912
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.08%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:01
Updated-20 Feb, 2026 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows BitLocker Elevation of Privilege Vulnerability

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2022windows_11_22h2windows_11_24h2windows_10_22h2windows_10_1607windows_10_21h2windows_11_23h2windows_server_2008windows_server_2012windows_server_2016windows_server_2019windows_server_2025windows_server_2022_23h2windows_10_1809Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2021-30337
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 10.76%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:26
Updated-22 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq8072a_firmwaresa515m_firmwaresd662_firmwareqsw8573_firmwarewcn3998_firmwareqcn9074sd720g_firmwaresdm429w_firmwarecsr8811qrb5165n_firmwareqca9367_firmwaresd865_5g_firmwarear9380qcn5122_firmwaresa8155_firmwareqca9985wcd9326_firmwareipq4028wcn6850_firmwareqca9889_firmwareqca6574ipq8076_firmwareqcm6490_firmwarewcn3980sdx55sdx12sd845_firmwaresm6250sm6250_firmwareipq8065qca9880_firmwarepmp8074wcn3910mdm9640pmp8074_firmwaresa8195pipq8068_firmwareqca9888_firmwarewcd9330_firmwareqca6696qca4024_firmwareapq8017_firmwaresda429wwcn3910_firmwareqca6390sm8450pqet4101qca8072_firmwaresd678_firmwarecsra6640_firmwareqcs4290ipq8174qca6436_firmwaresdx55m_firmwaresd855_firmwarewcd9326wcn3991_firmwarewcd9335qcn5021qcn9100qcn5064wcn3615_firmwareqcs610sd865_5gsa8150pqca7500wcn3680b_firmwareipq8078awcn3990mdm9650wcn3988qca6174asm6250pcsra6640qsw8573ipq8173sm7250p_firmwaresd675qca9990sm8450sm8450p_firmwareqcs2290_firmwareipq6018_firmwareipq8071_firmwaremdm9628_firmwaresdw2500qca6574aqcs410_firmwareapq8009wqcn5052_firmwaremdm9640_firmwareipq4018qca6564_firmwareqca8072sa6155_firmwaremsm8996auqca9990_firmwareqcs410sd210_firmwareqca9992sd768g_firmwarewcd9360_firmwarewcn3999_firmwarewcd9341_firmwareqcn9074_firmwaresd_675wcn6750_firmwaresd690_5g_firmwarewcn3999qca6428sd205_firmwaresa8150p_firmwareqcn5054_firmwareqca9980msm8996au_firmwarewcn6856qcn9024_firmwareqca6426_firmwareipq8070awcn3610mdm9628sd870apq8009w_firmwareqca6436qcs4290_firmwareqca6595au_firmwareqca6584_firmwareqca6391_firmwarewsa8835qca6390_firmwarewcd9340wcd9375_firmwareipq8070_firmwareqca6564a_firmwarear8035wcd9380_firmwarewcd9385qcn5122sd750g_firmwaremdm9150_firmwarewcn3660bsa8145psdx20qcs6490qca6574auqca8337_firmwareapq8096auwsa8830_firmwarewcn3615qcn5164_firmwareqcn6023sa6145p_firmwaremdm9607_firmwareipq5018qcn9070qcn5022_firmwarequalcomm215csra6620_firmwareqca6574a_firmwareipq8078a_firmwareqrb5165sd765wcn6851_firmwaresd665sd460_firmwaresd429sd870_firmwareqca6564au_firmwarewcn6850wsa8815_firmwarewsa8815qet4101_firmwareipq8070apq8009wcn3998qca7500_firmwareqcs6490_firmwareqcs605sd765_firmwaremsm8909w_firmwaresd768gqca8075_firmwareqcm6490ipq8076asdx55_firmwarewcn6855_firmwaremdm9607qca9985_firmwaresa8155p_firmwareipq5018_firmwaresdx55mqcn9022_firmwareqca9888qca9994wcn6855sdx20_firmwareapq8017sd765gsd460qca9377_firmwareipq8074a_firmwareqcs603qcs603_firmwareipq8074ipq4028_firmwaresd660_firmwareqcn6024ar9380_firmwareqca6574_firmwareqca8075qcn9000wcn3950ipq8070a_firmwarewcd9340_firmwarewsa8810qcm2290_firmwarewcn3980_firmwareqcm2290wcd9330sdxr1_firmwareqca6564auwcn3620ipq8074aqcx315_firmwareqcn6132ipq8071a_firmwareqcn5024qcm4290_firmwarewcn3620_firmwareaqt1000_firmwareapq8096au_firmwareqca9880qcn9012_firmwareqcn5550_firmwaresa415mqca6438_firmwareipq8076wcn3660b_firmwareqca6564aipq8074_firmwareqca9886sdx12_firmwarefsm10056wcn6856_firmwaremdm9206wcd9341mdm9250sa8155ipq4019wcd9370qcn6122qca9980_firmwaresd429_firmwaresd678ar8035_firmwaresd675_firmwareipq5010_firmwareqcn5152_firmwareqca9898_firmwareqcs405_firmwaremdm9650_firmwaresa6150p_firmwareqcn5052ipq5028sdx24ipq8072aipq6000_firmwareipq8076a_firmwareipq6010_firmwaresa8195p_firmwareqcn9024wcd9335_firmwareqca6426ipq8071sd720gqcn5064_firmwareqcs2290sd765g_firmwarewcd9380qcn9070_firmwareqca8337qcs610_firmwareqca6564qcn6132_firmwareqca6428_firmwaresdxr2_5g_firmwaresm7250pqcn5154_firmwareipq8072_firmwarewsa8830qca9984sa415m_firmwareqca6584ausd730fsm10055wcd9370_firmwareipq6028qcn5024_firmwarecsra6620sm6250p_firmwareqcn5124qca6696_firmwarefsm10056_firmwareqca6438wsa8835_firmwareqcn5550sdm429wwcd9385_firmwarewcn3990_firmwaresd665_firmwaresd845qcm4290ipq8068qcn9072qcn9072_firmwaresdxr1sa6155sd750gmdm9250_firmwaresd855qca9367ipq8078_firmwaresda429w_firmwaresa8145p_firmwaresa6145pqca6584qca9886_firmwarequalcomm215_firmwareqrb5165nqca9984_firmwarewcd9375sa6150pqca9889sa6155p_firmwaremdm9206_firmwaresm8450_firmwareipq8174_firmwarewcn3991qcn6024_firmwareqcn5164qcn5154sd205qca9994_firmwareipq4029mdm9150wcn3988_firmwareqca9992_firmwarear8031_firmwarecsrb31024qsm8250_firmwareqca9377qrb5165_firmwaresa8155pipq8078qcn9012ipq8064_firmwaresm6225qca6174a_firmwareqcn6122_firmwareipq6010ipq4019_firmwareipq8071aipq4018_firmwareipq6018qca8081_firmwarewcd9360qcn9000_firmwareipq5010csrb31024_firmwareqcn5124_firmwaresd730_firmwarewcn3950_firmwareqca6584au_firmwareipq4029_firmwareqcn5054ipq6028_firmwareipq5028_firmwarewcn6750qcn5152qcx315sd662apq8009_firmwaremsm8909wipq8064wsa8810_firmwareqca6574au_firmwaresdxr2_5gwcn3680bar8031sdw2500_firmwarecsr8811_firmwaresm6225_firmwareipq8065_firmwareqca9898qcn6023_firmwareipq8173_firmwareqcn5021_firmwarefsm10055_firmwareqca8081qca6391ipq8072ipq6000qca4024sa6155pqcn9022qca6595ausa515mqcs605_firmwarewcn3610_firmwareqcn5022aqt1000qcs405sdx24_firmwaresd690_5gwcn6851qsm8250sd210sd660qcn9100_firmwaresd_675_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2025-54102
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.69%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:00
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11_22h2windows_11_24h2windows_10_22h2windows_10_1607windows_10_21h2windows_11_23h2windows_server_2016windows_server_2019windows_server_2025windows_server_2022_23h2windows_10_1809Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 1607Windows Server 2019Windows Server 2022Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2016Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2022-22090
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.16%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8475_firmwaresm7450_firmwarewcd9380_firmwarewsa8830sdx65_firmwarewcn7851wsa8832_firmwaresd865_5gwcn6851_firmwarewcn6856_firmwaresdx65wsa8835wsa8810_firmwarewcd9380sd888_5gwsa8810wsa8832wcn6855wcn6851wcd9370wcn7851_firmwarewcn6856wcn6855_firmwarewcd9385wcn6750wcd9385_firmwarewcd9375wcd9370_firmwarewcn6750_firmwaresd_8_gen1_5g_firmwarewsa8815wcn6850wsa8830_firmwaresd865_5g_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewcn7850wsa8835_firmwaresm7450wcd9375_firmwaresm8475sm8475p_firmwaresm8475pSnapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2023-46691
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.9||HIGH
EPSS-0.08% / 23.69%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-windowspower_gadgetIntel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-416
Use After Free
CVE-2023-43521
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.44%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption when multiple listeners are being registered with the same file descriptor.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gqcs610_firmwaresxr2130_firmwaresrv1mqca8081_firmwarewcd9370ar8035_firmwareqca6696wcd9340_firmwarewcd9341_firmwareqcc710_firmwareqca6426wcn3610qcn9074wsa8815_firmwaresnapdragon_wear_4100\+_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwareqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574ausa8620p_firmwarewcn3950wsa8810_firmwaresnapdragon_870_5g_mobile_firmwaresa9000p_firmwaresrv1hsnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3660b_firmwarefastconnect_6800_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilevideo_collaboration_vc1_platform_firmwaresa8770pc-v2x_9150qca6584auqcn6274_firmwareqcc710snapdragon_xr2_5g_firmwaresw5100_firmwarefastconnect_6800qfw7114_firmwaresnapdragon_wear_4100\+fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsnapdragon_865_5g_mobile_firmwaresa7255pqfw7114fastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_xr2_5gsnapdragon_8_gen_1_mobile_firmwaresa8150psa6155pwsa8810qam8650psa9000psrv1h_firmwaresw5100video_collaboration_vc3_platformc-v2x_9150_firmwaresa6155p_firmwareqam8295p_firmwaresrv1m_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6698aq_firmwareqca6436_firmwaresnapdragon_8_gen_1_mobilesnapdragon_x55_5g_modem-rf_firmwarewcn3610_firmwaresa8255psnapdragon_865\+_5g_mobilewcd9370_firmwaresa7255p_firmwaresnapdragon_x72_5g_modem-rf_firmwarewcn3660bsxr2130qca6174asa8195pwcd9340qamsrv1msnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwareqam8650p_firmwarewcn3988qca6584au_firmwarewcn3980_firmwareqcn6274qca6436qfw7124sa8775psnapdragon_w5\+_gen_1_wearablewsa8835qca6391_firmwaresw5100p_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwareqca8081wsa8815sa8155pwsa8830qam8775psa6145psnapdragon_x75_5g_modem-rfqcn9074_firmwaresa8620psa8255p_firmwarear8035qamsrv1m_firmwaresa8650p_firmwaresnapdragon_865_5g_mobileqca6391qcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwaresa8770p_firmwaresa8295pfastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwarewcn3680bsa8150p_firmwarewcn3988_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwarewcn3980wsa8830_firmwarewcn3680b_firmwareqcn6224_firmwareqcs610Snapdragonqam8255p_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwareqcn6224_firmwarewcn3950_firmwaresa8150p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca6584au_firmwarec-v2x_9150_firmwareqfw7114_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqamsrv1h_firmwarewcd9340_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwaresa9000p_firmwarewcn3680b_firmwareqca6574au_firmwareqca8081_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwareqca6436_firmwaresa8620p_firmwaresa6155p_firmwareqcn6274_firmwaresa8775p_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwaresa7255p_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwaresa8255p_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqca6174a_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqca6391_firmwarewcd9370_firmwareqcc710_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-416
Use After Free
CVE-2023-43544
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.87%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 10:05
Updated-27 Jan, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6584au_firmwarewsa8835wsa8835_firmwarewcn3988_firmwareqca8337_firmwaresa9000pqfw7124_firmwaresnapdragon_w5\+_gen_1_wearablewsa8830qcc710qca6698aqqca8081_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6584auqcn6224_firmwareqfw7114_firmwareqca8081sa8770p_firmwaresnapdragon_w5\+_gen_1_wearable_firmwaresw5100_firmwaresnapdragon_x75_5g_modem-rfqcn6224qcn6274_firmwareqfw7114fastconnect_7800qca6698aq_firmwaresa9000p_firmwareqam8255par8035fastconnect_7800_firmwaresw5100p_firmwaresa8255p_firmwaresnapdragon_auto_5g_modem-rf_gen_2sw5100pwcd9340sa8775pqca8337wcn3980_firmwareqcc710_firmwarear8035_firmwareqcn6274qfw7124wcn3980qam8255p_firmwarewcd9340_firmwaresa8255psa8775p_firmwarewcn3988qam8775psa8770pwsa8830_firmwaresw5100qam8775p_firmwaresnapdragon_x75_5g_modem-rf_firmwareSnapdragonqam8255p_firmwareqca8337_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6584au_firmwareqcn6274_firmwaresa8775p_firmwareqfw7114_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcd9340_firmwarewcn3988_firmwareqcc710_firmwareqcn6224_firmwarewsa8830_firmwaresa9000p_firmwarewsa8835_firmwarefastconnect_7800_firmwaresw5100_firmwareqca8081_firmwarewcn3980_firmwaresa8255p_firmwareqfw7124_firmwaresw5100p_firmwarear8035_firmwareqca6698aq_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmware
CWE ID-CWE-416
Use After Free
CVE-2021-26900
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-5.33% / 89.92%
||
7 Day CHG~0.00%
Published-11 Mar, 2021 | 15:44
Updated-03 Aug, 2024 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32k Elevation of Privilege Vulnerability

Windows Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10Windows 10 Version 2004Windows Server version 2004Windows Server, version 1909 (Server Core installation)Windows Server version 20H2Windows 10 Version 1909Windows 10 Version 20H2
CWE ID-CWE-416
Use After Free
CVE-2023-43514
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.83%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Services

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwaresw5100pwsa8845_firmwareqca6595wcd9370qca8081_firmwarear8035_firmwareqca6696wsa8830_firmwarewcd9340_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwarewcd9395_firmwareqcc710_firmwarefastconnect_6700wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qdu1110wcd9395snapdragon_680_4g_mobile_platformsg8275p_firmwareqcm6490_firmwareqca6574au_firmwareqam8295pqca6574auqru1032wcd9390flight_rb5_5g_platformwcn3950wsa8810_firmwarewsa8845h_firmwareqca6797aq_firmwaresa8295p_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwareqcn6274_firmwareqcc710qru1062_firmwaresw5100_firmwaresnapdragon_480\+_5g_mobile_platform_firmwareqru1062snapdragon_695_5g_mobile_platform_firmwareqfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_685_4g_mobile_platform_firmwareqru1032_firmwareqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380qam8255psnapdragon_4_gen_1_mobile_platformsnapdragon_685_4g_mobile_platformsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pwsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformsw5100qca6595auvideo_collaboration_vc3_platformqdu1010sa6155p_firmwarewsa8840qam8295p_firmwareqcs8550_firmwareqdu1210_firmwareqfw7124_firmwareqca6698aq_firmwarewcd9385snapdragon_8_gen_2_mobile_platformsa8255pqcs7230_firmwarewcd9390_firmwaresg8275pwcd9370_firmwareqdx1011_firmwareqdu1110_firmwareqdu1000qca6574aqru1052sa8195pwcd9340qcs8250_firmwareqdu1210qcm6490qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550wcn3988qcs6490_firmwarewcn3980_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6595au_firmwareqca6391_firmwaresnapdragon_x75_5g_modem-rf_systemwsa8835wsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqca6696_firmwarewsa8845hwcd9380_firmwareqca6574_firmwaresa8155p_firmwareqca8081wsa8815sg4150psa8155pwsa8830qam8775pqca6797aqsm8550pqcm4325_firmwaresa8255p_firmwareflight_rb5_5g_platform_firmwarear8035qca6574a_firmwaresnapdragon_480\+_5g_mobile_platformqcm4325wcd9375_firmwarerobotics_rb5_platformqca6391qcn6224qca6698aqsg4150p_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwareqrb5165nsa8295psnapdragon_8_gen_2_mobile_platform_firmwarewcn3950_firmwarerobotics_rb5_platform_firmwareqcs8550fastconnect_6200fastconnect_7800qam8775p_firmwareqdx1011wcd9375snapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewsa8835_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcs6490qcs8250wcn3980fastconnect_6200_firmwareqdx1010qcn6224_firmwareSnapdragonsnapdragon
CWE ID-CWE-416
Use After Free
CVE-2023-4295
Matching Score-4
Assigner-Arm Limited
ShareView Details
Matching Score-4
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.03%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 15:42
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.

Action-Not Available
Vendor-Arm Limited
Product-mali_gpu_kernel_drivervalhall_gpu_kernel_driverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driver
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-416
Use After Free
CVE-2023-42892
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 15:39
Updated-04 Nov, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A local attacker may be able to elevate their privileges.

Action-Not Available
Vendor-Apple Inc.
Product-macosmacOSmacos
CWE ID-CWE-416
Use After Free
CVE-2023-40084
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.71%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 22:40
Updated-02 Aug, 2024 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2023-40140
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.85%
||
7 Day CHG~0.00%
Published-27 Oct, 2023 | 20:22
Updated-09 Sep, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-416
Use After Free
CVE-2023-40115
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 13.96%
||
7 Day CHG~0.00%
Published-15 Feb, 2024 | 22:31
Updated-13 Dec, 2024 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In readLogs of StatsService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-416
Use After Free
CVE-2023-40107
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.4||HIGH
EPSS-0.02% / 5.32%
||
7 Day CHG~0.00%
Published-15 Feb, 2024 | 22:31
Updated-13 Dec, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ARTPWriter of ARTPWriter.cpp, there is a possible use after free due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-416
Use After Free
CVE-2023-40100
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.02% / 5.02%
||
7 Day CHG~0.00%
Published-15 Feb, 2024 | 22:31
Updated-16 Dec, 2024 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In discovery_thread of Dns64Configuration.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-416
Use After Free
CVE-2023-38139
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.58% / 68.76%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 16:58
Updated-30 Oct, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 11 version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012 R2Windows 10 Version 1809Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2016
CWE ID-CWE-416
Use After Free
CVE-2023-38161
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.54%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 16:58
Updated-30 Oct, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows GDI Elevation of Privilege Vulnerability

Windows GDI Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 11 version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012 R2Windows 10 Version 1809Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2016
CWE ID-CWE-416
Use After Free
CVE-2023-39070
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.71%
||
7 Day CHG~0.00%
Published-11 Sep, 2023 | 00:00
Updated-26 Sep, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934.

Action-Not Available
Vendor-cppchecksolutionsn/a
Product-cppcheckn/a
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 55
  • 56
  • 57
  • ...
  • 63
  • 64
  • Next
Details not found