Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-22085

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-16 Apr, 2025 | 14:12
Updated At-26 May, 2025 | 05:18
Rejected At-
Credits

RDMA/core: Fix use-after-free when rename device name

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free in nla_put+0xd3/0x150 lib/nlattr.c:1099 Read of size 5 at addr ffff888140ea1c60 by task syz.0.988/10025 CPU: 0 UID: 0 PID: 10025 Comm: syz.0.988 Not tainted 6.14.0-rc4-syzkaller-00859-gf77f12010f67 #0 Hardware name: Google Compute Engine, BIOS Google 02/12/2025 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0x16e/0x5b0 mm/kasan/report.c:521 kasan_report+0x143/0x180 mm/kasan/report.c:634 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105 nla_put+0xd3/0x150 lib/nlattr.c:1099 nla_put_string include/net/netlink.h:1621 [inline] fill_nldev_handle+0x16e/0x200 drivers/infiniband/core/nldev.c:265 rdma_nl_notify_event+0x561/0xef0 drivers/infiniband/core/nldev.c:2857 ib_device_notify_register+0x22/0x230 drivers/infiniband/core/device.c:1344 ib_register_device+0x1292/0x1460 drivers/infiniband/core/device.c:1460 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883 sock_sendmsg_nosec net/socket.c:709 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:724 ____sys_sendmsg+0x53a/0x860 net/socket.c:2564 ___sys_sendmsg net/socket.c:2618 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2650 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f42d1b8d169 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 ... RSP: 002b:00007f42d2960038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f42d1da6320 RCX: 00007f42d1b8d169 RDX: 0000000000000000 RSI: 00004000000002c0 RDI: 000000000000000c RBP: 00007f42d1c0e2a0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f42d1da6320 R15: 00007ffe399344a8 </TASK> Allocated by task 10025: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4294 [inline] __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4313 __kmemdup_nul mm/util.c:61 [inline] kstrdup+0x42/0x100 mm/util.c:81 kobject_set_name_vargs+0x61/0x120 lib/kobject.c:274 dev_set_name+0xd5/0x120 drivers/base/core.c:3468 assign_name drivers/infiniband/core/device.c:1202 [inline] ib_register_device+0x178/0x1460 drivers/infiniband/core/device.c:1384 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net ---truncated---

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:16 Apr, 2025 | 14:12
Updated At:26 May, 2025 | 05:18
Rejected At:
â–¼CVE Numbering Authority (CNA)
RDMA/core: Fix use-after-free when rename device name

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free in nla_put+0xd3/0x150 lib/nlattr.c:1099 Read of size 5 at addr ffff888140ea1c60 by task syz.0.988/10025 CPU: 0 UID: 0 PID: 10025 Comm: syz.0.988 Not tainted 6.14.0-rc4-syzkaller-00859-gf77f12010f67 #0 Hardware name: Google Compute Engine, BIOS Google 02/12/2025 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0x16e/0x5b0 mm/kasan/report.c:521 kasan_report+0x143/0x180 mm/kasan/report.c:634 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105 nla_put+0xd3/0x150 lib/nlattr.c:1099 nla_put_string include/net/netlink.h:1621 [inline] fill_nldev_handle+0x16e/0x200 drivers/infiniband/core/nldev.c:265 rdma_nl_notify_event+0x561/0xef0 drivers/infiniband/core/nldev.c:2857 ib_device_notify_register+0x22/0x230 drivers/infiniband/core/device.c:1344 ib_register_device+0x1292/0x1460 drivers/infiniband/core/device.c:1460 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883 sock_sendmsg_nosec net/socket.c:709 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:724 ____sys_sendmsg+0x53a/0x860 net/socket.c:2564 ___sys_sendmsg net/socket.c:2618 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2650 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f42d1b8d169 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 ... RSP: 002b:00007f42d2960038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f42d1da6320 RCX: 00007f42d1b8d169 RDX: 0000000000000000 RSI: 00004000000002c0 RDI: 000000000000000c RBP: 00007f42d1c0e2a0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f42d1da6320 R15: 00007ffe399344a8 </TASK> Allocated by task 10025: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4294 [inline] __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4313 __kmemdup_nul mm/util.c:61 [inline] kstrdup+0x42/0x100 mm/util.c:81 kobject_set_name_vargs+0x61/0x120 lib/kobject.c:274 dev_set_name+0xd5/0x120 drivers/base/core.c:3468 assign_name drivers/infiniband/core/device.c:1202 [inline] ib_register_device+0x178/0x1460 drivers/infiniband/core/device.c:1384 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net ---truncated---

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/infiniband/core/device.c
Default Status
unaffected
Versions
Affected
  • From 9cbed5aab5aeea420d0aa945733bf608449d44fb before 0d6460b9d2a3ee380940bdf47680751ef91cb88e (git)
  • From 9cbed5aab5aeea420d0aa945733bf608449d44fb before 56ec8580be5174b2b9774066e60f1aad56d201db (git)
  • From 9cbed5aab5aeea420d0aa945733bf608449d44fb before edf6b543e81ba68c6dbac2499ab362098a5a9716 (git)
  • From 9cbed5aab5aeea420d0aa945733bf608449d44fb before 1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/infiniband/core/device.c
Default Status
affected
Versions
Affected
  • 6.12
Unaffected
  • From 0 before 6.12 (semver)
  • From 6.12.23 through 6.12.* (semver)
  • From 6.13.11 through 6.13.* (semver)
  • From 6.14.2 through 6.14.* (semver)
  • From 6.15 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/0d6460b9d2a3ee380940bdf47680751ef91cb88e
N/A
https://git.kernel.org/stable/c/56ec8580be5174b2b9774066e60f1aad56d201db
N/A
https://git.kernel.org/stable/c/edf6b543e81ba68c6dbac2499ab362098a5a9716
N/A
https://git.kernel.org/stable/c/1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd
N/A
Hyperlink: https://git.kernel.org/stable/c/0d6460b9d2a3ee380940bdf47680751ef91cb88e
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/56ec8580be5174b2b9774066e60f1aad56d201db
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/edf6b543e81ba68c6dbac2499ab362098a5a9716
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:16 Apr, 2025 | 15:16
Updated At:25 Apr, 2025 | 18:41

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free in nla_put+0xd3/0x150 lib/nlattr.c:1099 Read of size 5 at addr ffff888140ea1c60 by task syz.0.988/10025 CPU: 0 UID: 0 PID: 10025 Comm: syz.0.988 Not tainted 6.14.0-rc4-syzkaller-00859-gf77f12010f67 #0 Hardware name: Google Compute Engine, BIOS Google 02/12/2025 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0x16e/0x5b0 mm/kasan/report.c:521 kasan_report+0x143/0x180 mm/kasan/report.c:634 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105 nla_put+0xd3/0x150 lib/nlattr.c:1099 nla_put_string include/net/netlink.h:1621 [inline] fill_nldev_handle+0x16e/0x200 drivers/infiniband/core/nldev.c:265 rdma_nl_notify_event+0x561/0xef0 drivers/infiniband/core/nldev.c:2857 ib_device_notify_register+0x22/0x230 drivers/infiniband/core/device.c:1344 ib_register_device+0x1292/0x1460 drivers/infiniband/core/device.c:1460 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883 sock_sendmsg_nosec net/socket.c:709 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:724 ____sys_sendmsg+0x53a/0x860 net/socket.c:2564 ___sys_sendmsg net/socket.c:2618 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2650 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f42d1b8d169 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 ... RSP: 002b:00007f42d2960038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f42d1da6320 RCX: 00007f42d1b8d169 RDX: 0000000000000000 RSI: 00004000000002c0 RDI: 000000000000000c RBP: 00007f42d1c0e2a0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f42d1da6320 R15: 00007ffe399344a8 </TASK> Allocated by task 10025: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4294 [inline] __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4313 __kmemdup_nul mm/util.c:61 [inline] kstrdup+0x42/0x100 mm/util.c:81 kobject_set_name_vargs+0x61/0x120 lib/kobject.c:274 dev_set_name+0xd5/0x120 drivers/base/core.c:3468 assign_name drivers/infiniband/core/device.c:1202 [inline] ib_register_device+0x178/0x1460 drivers/infiniband/core/device.c:1384 rxe_register_device+0x233/0x350 drivers/infiniband/sw/rxe/rxe_verbs.c:1540 rxe_net_add+0x74/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:550 rxe_newlink+0xde/0x1a0 drivers/infiniband/sw/rxe/rxe.c:212 nldev_newlink+0x5ea/0x680 drivers/infiniband/core/nldev.c:1795 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline] rdma_nl_rcv+0x6dd/0x9e0 drivers/infiniband/core/netlink.c:259 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x8de/0xcb0 net ---truncated---

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.12(inclusive) to 6.12.23(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.13(inclusive) to 6.13.11(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.14(inclusive) to 6.14.2(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-416
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/0d6460b9d2a3ee380940bdf47680751ef91cb88e416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/56ec8580be5174b2b9774066e60f1aad56d201db416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/edf6b543e81ba68c6dbac2499ab362098a5a9716416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Hyperlink: https://git.kernel.org/stable/c/0d6460b9d2a3ee380940bdf47680751ef91cb88e
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/1d6a9e7449e2a0c1e2934eee7880ba8bd1e464cd
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/56ec8580be5174b2b9774066e60f1aad56d201db
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/edf6b543e81ba68c6dbac2499ab362098a5a9716
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

3188Records found
CVE-2024-4607
Matching Score-4
Assigner-Arm Limited
ShareView Details
Matching Score-4
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.17% / 37.73%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 11:33
Updated-30 Sep, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverBifrost GPU Kernel DriverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_driverarm_5th_gen_gpu_architecture_kernel_driver
CWE ID-CWE-416
Use After Free
CVE-2025-26648
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.54% / 67.25%
||
7 Day CHG-0.03%
Published-08 Apr, 2025 | 17:23
Updated-13 Feb, 2026 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2022_23h2windows_10_1607windows_10_21h2windows_server_2008windows_server_2012windows_server_2019windows_11_23h2windows_server_2022windows_11_24h2windows_10_1809windows_server_2025windows_server_2016windows_11_22h2windows_10_22h2Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CWE ID-CWE-591
Sensitive Data Storage in Improperly Locked Memory
CVE-2025-53151
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.61%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:10
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2windows_server_2019windows_server_2025windows_10_22h2windows_server_2022_23h2windows_11_22h2windows_server_2022windows_10_21h2windows_11_23h2windows_10_1809Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-53023
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Android OS

Memory corruption may occur while accessing a variable during extended back to back tests.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqca6678aq_firmwareqcm8550_firmwaresdm429w_firmwaresw5100pwsa8832wsa8845_firmwareqca6595srv1lwcd9335srv1mqca6678aqqca8081_firmwarewcd9370ar8035_firmwareqca6696qam8620p_firmwarewsa8830_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcc710_firmwaresnapdragon_685_4g_mobilewsa8832_firmwaresa8195p_firmwareqca8337_firmwareqca8337qdu1110wcd9395qca6574au_firmwareqam8295pwcd9341qca6574auqru1032vision_intelligence_400_firmwaresa8620p_firmwarewcd9390wcn3950wsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3660b_firmwaresa8295p_firmwaresa8770pqca6584auqcn6274_firmwareqcc710qru1062_firmwaresw5100_firmwaresa8540pqru1062qfw7114_firmwareqca6595_firmwareqcs7230fastconnect_6900fastconnect_7800_firmwaresnapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_x72_5gqru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380qam8255psxr2230psnapdragon_680_4g_mobilewsa8845sa6155psnapdragon_429_mobile_firmwarewsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresw5100qca6595ausxr2250p_firmwareqdu1010snapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qca6688aqqam8295p_firmwaresrv1m_firmwareqcs8550_firmwareqdu1210_firmwarewcn3990_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6698aq_firmwarewcd9385snapdragon_x35_5g_firmwaresnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwarewcd9390_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileqep8111_firmwarewcd9370_firmwareqdx1011_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobileqru1052wcn3620_firmwarewcn3660bqca6174asa8195pwcd9340qcs8250_firmwareqdu1210qamsrv1msnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwaresa8540p_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwaresxr2250pqcm8550wcn3988snapdragon_662_mobilesdm429wqam8620pqca6584au_firmwareqcn6274qca6574qfw7124sa8775psnapdragon_w5\+_gen_1_wearableqca6595au_firmwareqca6391_firmwaresxr2230p_firmwarewsa8835wsa8840_firmwareqdu1010_firmwaresw5100p_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwarewsa8845hwcd9380_firmwareqca6574_firmwaresa8155p_firmwareqca8081sg4150psa8155pwcd9335_firmwarewsa8830qam8775pqca6797aqsm8550psnapdragon_x35_5gqcm4325_firmwaresa8620psa8255p_firmwaresnapdragon_x75_5gar8035qca6574a_firmwareqamsrv1m_firmwaresa8650p_firmwarewcn3620qcm4325snapdragon_x72_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_x75_5g_firmwaresrv1l_firmwareqcn6224snapdragon_429_mobileqca6698aqsa7775p_firmwaresg4150p_firmwareqru1052_firmwaresa8770p_firmwaresa8295pwcn3950_firmwareqcs8550fastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqca6688aq_firmwareqdx1011wcd9375wcn3988_firmwareqamsrv1h_firmwarewcn3990vision_intelligence_400wsa8835_firmwareqcs8250qdx1010snapdragon_460_mobile_firmwareqcn6224_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-24298
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-8.4||HIGH
EPSS-0.02% / 4.02%
||
7 Day CHG~0.00%
Published-11 Aug, 2025 | 02:55
Updated-12 Aug, 2025 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
liteos_a has an UAF vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-416
Use After Free
CVE-2025-24855
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.16%
||
7 Day CHG~0.00%
Published-14 Mar, 2025 | 00:00
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.

Action-Not Available
Vendor-libxml2 (XMLSoft)
Product-libxsltlibxslt
CWE ID-CWE-416
Use After Free
CVE-2025-23414
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-3.8||LOW
EPSS-0.04% / 11.31%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 03:44
Updated-11 Mar, 2025 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arkcompiler Ets Runtime has an UAF vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-416
Use After Free
CVE-2022-36847
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4.9||MEDIUM
EPSS-0.02% / 4.96%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 14:39
Updated-03 Aug, 2024 | 10:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free vulnerability in mtp_send_signal function of MTP driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-416
Use After Free
CVE-2025-24044
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.10%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 16:58
Updated-13 Feb, 2026 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2windows_server_2012windows_server_2025windows_11_23h2windows_10_21h2windows_server_2022windows_10_1607windows_server_2019windows_10_1507windows_11_22h2windows_server_2016windows_server_2022_23h2windows_10_22h2windows_10_1809Windows Server 2025Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2025-23409
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-3.8||LOW
EPSS-0.04% / 11.31%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 03:44
Updated-11 Mar, 2025 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Communication Dsoftbus has an UAF vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-416
Use After Free
CVE-2025-22438
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.39%
||
7 Day CHG~0.00%
Published-02 Sep, 2025 | 22:11
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In afterKeyEventLockedInterruptable of InputDispatcher.cpp, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2022-36849
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4.9||MEDIUM
EPSS-0.02% / 4.96%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 14:39
Updated-03 Aug, 2024 | 10:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-416
Use After Free
CVE-2022-36855
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 5.26%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 14:40
Updated-03 Aug, 2024 | 10:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-416
Use After Free
CVE-2024-46973
Matching Score-4
Assigner-Imagination Technologies
ShareView Details
Matching Score-4
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.74%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 04:56
Updated-28 Dec, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Exploitable kernel use-after-free on psServerMMUContext due to reference count mismanagement

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-416
Use After Free
CVE-2024-47033
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.4||HIGH
EPSS-0.03% / 10.07%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In lwis_allocator_free of lwis_allocator.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-416
Use After Free
CVE-2024-47017
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.80%
||
7 Day CHG+0.01%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ufshc_scsi_cmd of ufs.c, there is a possible stack variable use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-416
Use After Free
CVE-2024-45580
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45583
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.07% / 20.91%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Secure Processor

Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8_gen_3_mobilesnapdragon_8_gen_3_mobile_firmwarewcd9390_firmwarefastconnect_7800_firmwarewcd9395wsa8840wsa8845hwsa8845_firmwarewsa8840_firmwarewsa8845wcd9395_firmwarewsa8845h_firmwarewcd9390fastconnect_7800Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45562
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.07% / 20.91%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:31
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption during concurrent access to server info object due to unprotected critical field.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6678aq_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsdm429w_firmwaresw5100pqcs610_firmwarewcd9335sxr2130_firmwarewcd9370qca6678aqqca6696wcd9340_firmwaresa8530pwcd9341_firmwareqca6320sa4150p_firmwareqca6426qca6564auqcn9074sa4150pwsa8815_firmwaresa8195p_firmwareqca6426_firmwareqca9377_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausnapdragon_820_automotivesnapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwaresnapdragon_870_5g_mobile_firmwaresa9000p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3660b_firmwaresnapdragon_820_automotive_firmwarefastconnect_6800_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesd835_firmwaresa4155p_firmwarevideo_collaboration_vc1_platform_firmwaresa4155pc-v2x_9150qca6320_firmwaresnapdragon_xr2_5g_firmwaresw5100_firmwaresa8540pqca6310_firmwareqsm8250_firmwarefastconnect_6800fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsnapdragon_865_5g_mobile_firmwarewcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqca6310wcd9380sa6145p_firmwaresnapdragon_xr2_5gsnapdragon_8_gen_1_mobile_firmwaresa8150pmsm8996au_firmwaresa6155pqca6564au_firmwaresnapdragon_429_mobile_firmwarewsa8810qsm8250sa9000psw5100snapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformqca6595ausnapdragon_888_5g_mobilec-v2x_9150_firmwaresa6155p_firmwareqca6688aqqam8295p_firmwaresd835wcn3990_firmwareqca6564a_firmwareqca6436_firmwareqca6698aq_firmwaresnapdragon_888\+_5g_mobilewcd9385mdm9650_firmwaresnapdragon_8_gen_1_mobileqca9367_firmwaresnapdragon_865\+_5g_mobilewcd9370_firmwaremdm9650qca9367sdx55_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asxr2130wcn3620_firmwareqca6174asa8195pwcd9340snapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwaresa8540p_firmwaresnapdragon_835_mobile_pc_firmwarewcn3988sdm429wwcd9335_firmwarewcn3980_firmwareqca6436wsa8835qca6595au_firmwareqca6391_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwarewsa8815qca6564asa8155pwsa8830qca9377sa6145pqcn9074_firmwareqca6574a_firmwaresdx55msm8996ausnapdragon_865_5g_mobilewcn3620snapdragon_835_mobile_pcqca6391snapdragon_865\+_5g_mobile_firmwaresnapdragon_429_mobileqca6698aqwcn3950_firmwaresa8530p_firmwaresa8295pfastconnect_7800sa8145p_firmwarewcn3680bsd865_5g_firmwareqca6688aq_firmwaresa8150p_firmwarewcn3988_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990wsa8835_firmwarewcn3980wsa8830_firmwarewcn3680b_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-47354
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.62%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 03:18
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption while allocating buffers in DSP service.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qmp1000sm8750p_firmwaresm6475_firmwarewcn7861sm7435_firmwaresm8750psnapdragon_4_gen_2_mobile_platform_firmwarewcd9385wsa8845sw5100p_firmwarewsa8835_firmwarewsa8810fastconnect_7800_firmwaresm8750_firmwarewcn7881wcn7880_firmwarewsa8835wcd9395wcd9378_firmwarewcn7750wcn7860wcn7881_firmwarefastconnect_6700wsa8830wsa8840sm8735wcd9385_firmwaresw5100psnapdragon_6_gen_1_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwarewsa8830_firmwarewsa8832_firmwarewcn6755_firmwarefastconnect_6700_firmwarewcd9375_firmwarewcn3988_firmwarewcn7860_firmwarewcd9380wcd9378sw5100wsa8832sxr2350pwcn3950_firmwarewcd9375fastconnect_6200_firmwarewcd9380_firmwaresm8735_firmwarefastconnect_7800snapdragon_6_gen_1_mobile_platform_firmwarewsa8815wcd9370sm7435sm6475wsa8815_firmwaresxr2330pwcd9395_firmwarewcn6755wsa8845hsw5100_firmwarewcn7880wcn3988sxr2330p_firmwarewsa8845_firmwaresnapdragon_4_gen_2_mobile_platformfastconnect_6200wcd9370_firmwarewsa8840_firmwarewcn7750_firmwareqmp1000_firmwaresnapdragon_w5\+_gen_1_wearable_platformsm8750wcn3950wsa8810_firmwarewcn7861_firmwarewsa8845h_firmwaresxr2350p_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2017-0263
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-17.77% / 95.03%
||
7 Day CHG+2.03%
Published-12 May, 2017 | 14:00
Updated-22 Oct, 2025 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-08-10||Apply updates per vendor instructions.

The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_10_1507windows_server_2012windows_server_2008windows_10_1703windows_10_1607windows_rt_8.1windows_8.1windows_server_2016windows_10_1511Microsoft WindowsWin32k
CWE ID-CWE-416
Use After Free
CVE-2024-45553
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.08%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 10:33
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Services

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresw5100pwcn6650qca6595wcd9370qca8081_firmwareqca6696qam8620p_firmwarewcd9340_firmwarewcd9395_firmwarewcn7881_firmwarewcn6450qcc710_firmwaresnapdragon_8\+_gen_1_mobilefastconnect_6700snapdragon_685_4g_mobilewsa8832_firmwareqca8337qdu1110wcd9395qca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pqca6574auwcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hsa8770pssg2115pqcc710fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqru1032_firmwareqep8111sa7255psm8635qfw7114wcd9385_firmwareqam8255p_firmwareqcs4490snapdragon_680_4g_mobilewsa8845sa6155pwsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwareqca6595ausxr2250p_firmwareqdu1010snapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresnapdragon_4_gen_2_mobile_firmwaresnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresm8635psnapdragon_460_mobilesnapdragon_8_gen_2_mobilewcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobilesnapdragon_x72_5g_modem-rf_firmwareqca6174asa8195pwcd9340qcs8250_firmwareqdu1210talynplussnapdragon_auto_5g_modem-rf_gen_2sm8550p_firmwaresxr2250pwcn3988snapdragon_662_mobilesa8775pqca6574sxr2230p_firmwaresa8775p_firmwareqamsrv1hwsa8845hsa8155p_firmwaresa8155pwsa8830sm8550psm7675_firmwaresa8255p_firmwarear8035qamsrv1m_firmwaresm7635_firmwaresnapdragon_4_gen_2_mobilesa8650p_firmwarewcn6450_firmwareqcm4325srv1l_firmwareqcn6224qca6698aqwcn3950_firmwaresa7775p_firmwaresm7635qrb5165nssg2125p_firmwaresnapdragon_480\+_5g_mobilefastconnect_6200wcd9378snapdragon_480_5g_mobile_firmwaresm8635p_firmwareqdx1011fastconnect_6700_firmwaresnapdragon_x75_5g_modem-rf_firmwaresnapdragon_8_gen_3_mobileqcs8250snapdragon_695_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqcn6224_firmwarewsa8845_firmwarewsa8832wcd9378_firmwaresnapdragon_480_5g_mobilesrv1lsm7675psrv1msnapdragon_x35_5g_modem-rfar8035_firmwaresm4635wsa8815_firmwaresa8195p_firmwareqca8337_firmwaresm4635_firmwareqcm4490_firmwareqru1032wcn3950flight_rb5_5gqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwaresa8295p_firmwareqca6584auqcn6274_firmwarewcn6755_firmwareqru1062_firmwaresw5100_firmwarewcn6650_firmwareqru1062snapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pwcn6755sxr1230psm6650wcn7881sw5100snapdragon_4_gen_1_mobile_firmwareqca6688aqqam8295p_firmwareqca6698aq_firmwarewcd9385snapdragon_8_gen_1_mobilesnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqep8111_firmwareqdx1011_firmwareflight_rb5_5g_firmwaressg2125pqru1052qcm4490snapdragon_480\+_5g_mobile_firmwareqamsrv1mrobotics_rb5qca6174a_firmwarewcn7861_firmwarewcn7861qam8650p_firmwarevideo_collaboration_vc5_platformsm6650_firmwareqam8620pqca6584au_firmwareqcn6274qrb5165n_firmwareqfw7124wsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815sg4150psd_8_gen1_5gqam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresnapdragon_x75_5g_modem-rfqcm4325_firmwaresa8620pqca6574a_firmwaresnapdragon_4_gen_1_mobilesd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresg4150p_firmwareqru1052_firmwaresa8770p_firmwaresa8295pqcs8550fastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqca6688aq_firmwarewcd9375snapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresm7675snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwaressg2115p_firmwaresm7675p_firmwareqdx1010snapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45554
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.89%
||
7 Day CHG+0.03%
Published-06 May, 2025 | 08:31
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption during concurrent SSR execution due to race condition on the global maps list.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwaresnapdragon_888\+_5g_mobilewsa8835sw5100psnapdragon_888\+_5g_mobile_firmwarewcd9385_firmwarewcn3988_firmwaresdm429w_firmwarewsa8830wsa8835_firmwaresnapdragon_8_gen_1_mobile_firmwarewcn3980_firmwarewcn3980snapdragon_888_5g_mobile_firmwareqca6174asw5100_firmwarewsa8832_firmwaresw5100sxr2250pwcn3620_firmwarewcd9385sxr2230p_firmwaresxr2230pwcn3620wcn3988qca6174a_firmwaresxr2250p_firmwarewcd9380wsa8830_firmwaresnapdragon_429_mobilesw5100p_firmwarefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilesnapdragon_888_5g_mobilewsa8832wcn3660b_firmwarefastconnect_7800wcn3660bSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45566
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.91%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:31
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Driver

Memory corruption during concurrent buffer access due to modification of the reference count.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresd865_5g_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewsa8835wsa8810snapdragon_xr2_5g_firmwaresnapdragon_865\+_5g_mobileqca6426sdm429w_firmwarewsa8830wsa8835_firmwaresnapdragon_8_gen_1_mobile_firmwarewsa8815_firmwaresnapdragon_865_5g_mobilesd865_5gsnapdragon_x55_5g_modem-rf_system_firmwaresxr2130wcn3620_firmwarewsa8810_firmwarefastconnect_6800qca6426_firmwareqca6391snapdragon_870_5g_mobilewcn3620snapdragon_x55_5g_modem-rf_systemwsa8830_firmwarewcd9380snapdragon_865_5g_mobile_firmwarefastconnect_6800_firmwaresnapdragon_429_mobilewsa8815qca6436_firmwareqca6436snapdragon_xr2_5gfastconnect_6900sdm429wsnapdragon_865\+_5g_mobile_firmwarefastconnect_6900_firmwaresnapdragon_8_gen_1_mobilesnapdragon_870_5g_mobile_firmwarefastconnect_7800wcn3660b_firmwaresxr2130_firmwareqca6391_firmwarewcn3660bSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45567
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.91%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Driver

Memory corruption while encoding JPEG format.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewcn3620_firmwarewcd9385wsa8835sxr2230p_firmwarewcn3660bwcd9385_firmwaresxr2230pwcn3620sdm429w_firmwarewsa8830wsa8830_firmwarewsa8835_firmwaresxr2250p_firmwarewcd9380snapdragon_8_gen_1_mobile_firmwaresnapdragon_429_mobilefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilewsa8832_firmwarewsa8832wcn3660b_firmwarefastconnect_7800sxr2250pSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45561
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Windows WLAN Host

Memory corruption while handling IOCTL call from user-space to set latency level.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840sdm429wsc8380xp_firmwarewsa8845h_firmwareqca6420wcn3620_firmwarewsa8845wcd9380_firmwareqca6391_firmwaresc8180x-ad_firmwareqca6391wcn3660bsdm429w_firmwareqca6430wsa8845_firmwarewcd9340_firmwaresc8180x-acafsnapdragon_429_mobile_firmwarewsa8835wsa8845haqt1000_firmwarefastconnect_7800wcd9341_firmwareqcc2076_firmwarewcd9340wcd9341sc8180x-aaab_firmwareqcc2076fastconnect_6900fastconnect_6800snapdragon_7c\+_gen_3_computesnapdragon_429_mobilefastconnect_6700qcc2073snapdragon_7c\+_gen_3_compute_firmwarewsa8810_firmwarewcd9385_firmwarewsa8810fastconnect_6700_firmwaresc8180x-adqcc2073_firmwaresc8280xp-abbb_firmwaresc8180x-aaabqca6420_firmwarewsa8815fastconnect_6200_firmwareqca6430_firmwarewcd9380wsa8830wsa8815_firmwarefastconnect_6200wsa8830_firmwarewcn3620fastconnect_6900_firmwaresc8180x-acaf_firmwaresc8380xpaqt1000fastconnect_6800_firmwarewcd9385wsa8840_firmwarewcn3660b_firmwarewsa8835_firmwaresc8280xp-abbbSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-416
Use After Free
CVE-2024-45571
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in WLAN Host Communication

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareipq6000_firmwareqcm6490_firmwareqcn6224_firmwareipq8076acsr8811_firmwareqca6574au_firmwareqcn6132_firmwareqam8775psa8195pqcs615qca6584ausnapdragon_x65_5g_modem-rf_firmwareqca9889_firmwareqcn5152sxr2230pipq6028qcn5022_firmwareqcc710_firmwaresxr2230p_firmwaresm7635_firmwareipq9574_firmwareqca6574ipq9048qcn5164_firmwareipq8070aqxm8083qcm8550qca6698aq_firmwareqcf8000_firmwareqcn5024_firmwareqca9888immersive_home_216qca8075qcn5122_firmwareqcn6412qcn9100ipq8173ipq8071aqcn6402qcf8001ipq8174_firmwareqcn5164qca8082_firmwaresnapdragon_8_gen_3_mobile_firmwareqam8255p_firmwarewcd9375ipq9570_firmwaresm6650qca8085sa6155pvideo_collaboration_vc3_platformqcn5052ipq5010_firmwareipq5028qcn5052_firmwarewsa8830_firmwareqca8081qcn9022immersive_home_316_firmwaresdx65m_firmwarewcd9385wsa8840_firmwareipq6028_firmwareqfw7124_firmwaresxr2250p_firmwarewsa8840qcn6402_firmwareipq8078a_firmwareqfw7124ipq6000qca6696immersive_home_3210_firmwareqca4024qca6595ipq9048_firmwareqca8337sa8155p_firmwareipq8071a_firmwareqam8650pqca8337_firmwareqcn9012ipq9570qcs8300sxr2330pqcf8000sfp_firmwareqcn9012_firmwareqcs5430_firmwareqcn9070_firmwareqcf8000qam8775p_firmwareqcn5154_firmwaresm8635p_firmwareipq8074aqcm5430qcs9100wcd9378sm7675_firmwareqca8085_firmwaresm8750pwsa8835sm8750p_firmwareqcn9024qca8081_firmwareqcn9074qca6797aq_firmwarefastconnect_7800wcd9340ipq8174qcn6112_firmwarewcd9378_firmwareqca6574auqca8084_firmwareqcn9024_firmwaresm6650_firmwareqca6584au_firmwareqca6777aqfastconnect_6700immersive_home_326qca6696_firmwaresnapdragon_x72_5g_modem-rf_firmwareqcs9100_firmwarewsa8832fastconnect_6700_firmwareipq5302wcd9390_firmwareqcn6274qcs615_firmwaresm8635immersive_home_216_firmwareipq5028_firmwareqca6554a_firmwareipq5332qca8082sm8635_firmwareqca6787aqipq6018_firmwareipq8072a_firmwareqcn9000_firmwareipq5300_firmwareqca6574a_firmwareqcf8000sfpqcn6023sdx55_firmwareqca9888_firmwareqca8075_firmwaresm8750_firmwareqxm8083_firmwareipq5332_firmwareipq6010ipq8078_firmwareqca6554aqca9889qcn5124ipq8070a_firmwareipq9554_firmwareqcs8300_firmwareqcs6490qcn6432_firmwaresxr2330p_firmwarewsa8835_firmwareqca8386_firmwarewcn7860qcs5430qca6787aq_firmwareqcn9074_firmwarewcn7881_firmwareqcn9100_firmwareqcs8550_firmwaresdx65mqcm6490ipq5312wcn7881qcn5154ipq9554qcn6274_firmwaresm8750snapdragon_x65_5g_modem-rfqca8084qcn9274_firmwarecsr8811qcn9000wcn6650ipq8173_firmwarewsa8845_firmwareqcn6412_firmwarevideo_collaboration_vc3_platform_firmwareqca6574_firmwareqcm8550_firmwarewcn6755_firmwarear8035wsa8845hipq9008_firmwaresa6155p_firmwarewcn6450_firmwareqcn6122_firmwareqcn6112wcn7880_firmwareipq9008wcd9395_firmwareqcn5122sm7635fastconnect_6900ipq9574qca6574aqcn9160qcn6432wcd9375_firmwarewcd9385_firmwareqam8650p_firmwareqcn9274qcn6422immersive_home_318_firmwareipq8078aqcn5152_firmwareqca6595_firmwaresdx55immersive_home_214snapdragon_x75_5g_modem-rf_firmwarewcd9380ipq5302_firmwareimmersive_home_326_firmwaresa8155pwcn7861_firmwarewsa8832_firmwareimmersive_home_214_firmwarewcn6755qca6564auimmersive_home_318qca6595au_firmwareqcs6490_firmwareipq8072aqcn6224qca6595auqam8255pipq5010ar8035_firmwaresa8195p_firmwaresm7675wsa8845h_firmwareimmersive_home_3210wsa8845wcn6650_firmwarewcd9380_firmwarewcn6450qcn5124_firmwaresm8635pipq8076wcd9370wcd9340_firmwareimmersive_home_316qca8386qca6678aqsnapdragon_x75_5g_modem-rfqca6564au_firmwareqcn6122qcn6132wcn7880qcn6024qca6797aqqca4024_firmwaresm7675pqcn5022qcs8550sxr2250pqcm5430_firmwareqcn5024sm7675p_firmwareipq6010_firmwareqcn6422_firmwareqcn6024_firmwareipq6018ipq8078ipq5300ipq8076_firmwareqcc710ipq5312_firmwareqcf8001_firmwaresnapdragon_8_gen_3_mobilesnapdragon_x72_5g_modem-rfqcn9160_firmwarewcn7861ipq8074a_firmwarewsa8830qcn6023_firmwarewcn7860_firmwareqca6777aq_firmwareqcn9070qca6678aq_firmwareqca6698aqfastconnect_6900_firmwareqcn9022_firmwareqcn9072_firmwareipq8076a_firmwareqfw7114wcd9390wcd9395qfw7114_firmwareqcn9072wcd9370_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-45564
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.91%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:31
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption during concurrent access to server info object due to incorrect reference count update.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewcd9341qam8295pqca6696_firmwaresnapdragon_888\+_5g_mobilesw5100pqca6678aqwcd9385_firmwarewcn3988_firmwaresnapdragon_865\+_5g_mobileqca6426sa9000pwsa8835_firmwareqca6678aq_firmwareqam8295p_firmwareqcs610snapdragon_w5\+_gen_1_wearable_firmwareqca6698aq_firmwarewcn3980qca6696sa8540p_firmwarec-v2x_9150_firmwaresnapdragon_888_5g_mobile_firmwareqca6174aqcs410sa6150p_firmwarewcn3620_firmwarewcd9385sa8530pqca6391sa8295pqca6688aq_firmwareqca9377qca6391_firmwareqca6174a_firmwaresnapdragon_x55_5g_modem-rf_systemwcn3620snapdragon_865_5g_mobile_firmwarefastconnect_6800_firmwaresa6155p_firmwaresnapdragon_429_mobilesa8195p_firmwaresw5100p_firmwaresnapdragon_xr2_5gqca6574au_firmwarewcd9370_firmwaresa8155p_firmwarefastconnect_6900sdm429wsnapdragon_865\+_5g_mobile_firmwarec-v2x_9150snapdragon_8_gen_1_mobileqca6595ausnapdragon_870_5g_mobile_firmwaresa8145p_firmwarewcn3680bqca6698aqsnapdragon_888_5g_mobilesa8150psxr2130_firmwarewcn3660bwsa8810wcd9380_firmwaresd865_5g_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_429_mobile_firmwarevideo_collaboration_vc1_platform_firmwarewcd9341_firmwarewsa8835snapdragon_888\+_5g_mobile_firmwareqcn9074_firmwaresnapdragon_xr2_5g_firmwarewcd9370sdm429w_firmwarewsa8830sa9000p_firmwareqca6574auvideo_collaboration_vc3_platformsa6145psa8195psa6150psnapdragon_8_gen_1_mobile_firmwarewsa8815_firmwaresnapdragon_865_5g_mobileqca6595au_firmwareqca9367wcn3980_firmwarewcn3950_firmwaresa8530p_firmwaresa8540psa8295p_firmwaresd865_5gsw5100_firmwarevideo_collaboration_vc3_platform_firmwaresw5100qca6688aqqca9377_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresxr2130wsa8810_firmwarefastconnect_6800qca6426_firmwaresa8150p_firmwareqca9367_firmwaresnapdragon_870_5g_mobilewcn3950wcn3988wcn3680b_firmwarewsa8830_firmwarewcd9380wsa8815qcs610_firmwareqca6436_firmwareqca6436sa6155psa8155psnapdragon_auto_5g_modem-rf_gen_2sa8145pvideo_collaboration_vc1_platformfastconnect_6900_firmwaresa6145p_firmwareqcn9074wcn3660b_firmwarefastconnect_7800qcs410_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43509
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.63% / 69.99%
||
7 Day CHG+0.12%
Published-08 Oct, 2024 | 17:35
Updated-08 Jul, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 11 Version 24H2Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 11 Version 23H2Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-44285
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-8.4||HIGH
EPSS-1.01% / 76.93%
||
7 Day CHG~0.00%
Published-28 Oct, 2024 | 21:08
Updated-03 Nov, 2025 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory.

Action-Not Available
Vendor-Apple Inc.
Product-tvoswatchosipadosvisionosiphone_oswatchOStvOSvisionOSiOS and iPadOStvoswatchosipadosvisionosiphone_os
CWE ID-CWE-416
Use After Free
CVE-2024-43556
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.63% / 69.99%
||
7 Day CHG+0.12%
Published-08 Oct, 2024 | 17:36
Updated-30 Oct, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_server_2012windows_server_2008windows_10_21h2windows_11_23h2windows_11_24h2windows_server_2022windows_10_1607windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2019windows_11_21h2windows_server_2016Windows Server 2022Windows 11 Version 24H2Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 10 Version 22H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2016Windows Server 2016 (Server Core installation)Windows 11 Version 23H2Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-43061
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 12:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43047
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-1.75% / 82.32%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:59
Updated-28 Oct, 2025 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-10-29||Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Use After Free in DSP Service

Memory corruption while maintaining memory maps of HLOS memory.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_auto_5g_modem-rfwcn3990_firmwareqca6426_firmwareqcs6490sg4150p_firmwaresnapdragon_865_5g_mobile_firmwaresnapdragon_xr2_5g_firmwaresa8150p_firmwaresnapdragon_660_mobile_firmwarewcd9385sw5100p_firmwaresnapdragon_865_5g_mobilewsa8835_firmwaresnapdragon_680_4g_mobile_firmwarefastconnect_7800_firmwareqca6391_firmwareqca6698aq_firmwarewcd9341_firmwareqca6391sa4150pqca6595sa8145p_firmwaresd660fastconnect_6900qam8295p_firmwarefastconnect_6700qca6436_firmwareqam8295pwsa8830wcd9385_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8830_firmwareqca6688aqsnapdragon_870_5g_mobilesg4150pqcs410snapdragon_x55_5g_modem-rf_firmwarefastconnect_6800_firmwaresnapdragon_xr2_5gqca6584au_firmwaresd660_firmwarewcd9380_firmwareqca6688aq_firmwaresnapdragon_888\+_5g_mobilesnapdragon_auto_5g_modem-rf_firmwaresa8155p_firmwareqca6595au_firmwaresa6155pqca6595auqcs410_firmwaresnapdragon_865\+_5g_mobileqca6426sw5100_firmwareqcs610wcd9370_firmwaresa6150p_firmwaresnapdragon_x55_5g_modem-rffastconnect_6900_firmwaresxr2130sw5100pwsa8810_firmwaresa8150psa4155pqca6174a_firmwaresnapdragon_660_mobilewcn3980_firmwaresnapdragon_685_4g_mobilesnapdragon_888\+_5g_mobile_firmwareqcs610_firmwarewsa8810qca6595_firmwareqca6574au_firmwarewsa8835sa6145pwcd9335_firmwaresa4150p_firmwareqca6174asnapdragon_8_gen_1_mobilewcd9341snapdragon_680_4g_mobilesa8195pwcn3980video_collaboration_vc3_platform_firmwareqca6584ausa8195p_firmwarefastconnect_6700_firmwaresa8295pwcd9375_firmwaresa6150pwcn3988_firmwaresa8155pwcd9380qca6574ausa4155p_firmwareqca6696_firmwarevideo_collaboration_vc1_platformsa6145p_firmwaresnapdragon_870_5g_mobile_firmwaresw5100wcn3950_firmwaresnapdragon_888_5g_mobile_firmwarewcd9375video_collaboration_vc3_platformwcn3990qca6436sa6155p_firmwaresnapdragon_auto_5g_modem-rf_gen_2snapdragon_865\+_5g_mobile_firmwaresd865_5gsnapdragon_685_4g_mobile_firmwaresxr2130_firmwarefastconnect_7800video_collaboration_vc1_platform_firmwarewsa8815qca6696sd865_5g_firmwarewcd9370wsa8815_firmwaresnapdragon_8_gen_1_mobile_firmwaresa8145pwcn3988wcd9335fastconnect_6800qca6698aqsa8295p_firmwareqcs6490_firmwarewcn3950snapdragon_888_5g_mobileSnapdragonqca6174a_firmwarewcn3990_firmwareqca6426_firmwaresg4150p_firmwarewcn3980_firmwaresa8150p_firmwareqcs610_firmwaresnapdragon_888\+_5g_mobile_platform_firmwaresw5100p_firmwarewsa8835_firmwarefastconnect_7800_firmwareqca6391_firmwareqca6595_firmwareqca6574au_firmwareqca6698aq_firmwarewcd9341_firmwarewcd9335_firmwaresa8145p_firmwareqam8295p_firmwaresa4150p_firmwaresnapdragon_865\+_5g_firmwareqca6436_firmwarewcd9385_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8830_firmwarequalcomm_video_collaboration_vc1_platform_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresnapdragon_660_mobile_platform_firmwaresa8195p_firmwarefastconnect_6700_firmwarewcd9375_firmwarewcn3988_firmwaresa4155p_firmwareqca6696_firmwaresa6145p_firmwarefastconnect_6800_firmwarewcn3950_firmwareqca6584au_firmwaresa6155p_firmwaresd660_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewcd9380_firmwaresnapdragon_870_5g_mobile_platform_firmwareqca6688aq_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa8155p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresxr2130_firmwareqca6595au_firmwareqcs410_firmwaresd865_5g_firmwaresm6225-ad_firmwarewsa8815_firmwaresw5100_firmwarewcd9370_firmwaresa6150p_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwarefastconnect_6900_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresa8295p_firmwareqcs6490_firmwarewsa8810_firmwareMultiple Chipsets
CWE ID-CWE-416
Use After Free
CVE-2024-43057
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in MProc

Memory corruption while processing command in Glink linux.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gimmersive_home_214qcn9000_firmwareipq9574qcn6102_firmwaresw5100pqcn9022qcs610_firmwareipq6028_firmwarewcd9370qca8081_firmwaresnapdragon_429_firmwareqca8072qca6696wcd9340_firmwarewcd9341_firmwareipq5028_firmwareqcn6024qcc710_firmwareipq8076qca6426qcn6422_firmwareipq6018_firmwareqcn6023qcn5124_firmwaresnapdragon_888_5gqca8337qca6426_firmwareipq6000ipq9048ipq8078aqca6574au_firmwareipq8078a_firmwareqam8295pwcd9341ipq5312qca6574auwsa8810_firmwaresnapdragon_429qcn9100_firmwaresnapdragon_865\+_5gwcn3660b_firmwareqcn5122fsm20055fastconnect_6800_firmwaresnapdragon_865\+_5g_firmwareqcn6024_firmwaresnapdragon_x65_5gvideo_collaboration_vc1_platform_firmwaresnapdragon_888\+_5g_firmwarec-v2x_9150qcn9000qcc710qcn6132_firmwaresnapdragon_xr2_5g_firmwareqsm8250_firmwareqcn5054qcn6402fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqcn6432video_collaboration_vc1_platformimmersive_home_326_firmwareipq5332_firmwareqcn5052fsm10056_firmwaresnapdragon_x72_5gqfw7114wcd9385_firmwareipq9574_firmwareipq8074a_firmwareipq8076aqcn5164sa6155pqcn6100_firmwareqcn9160csr8811_firmwarewsa8810qca8075qcn5021qsm8250qca8085qcn6100snapdragon_865_5g_firmwaresa6155p_firmwareqfw7124_firmwareqca6436_firmwareqcn9012qcn9070ipq8070a_firmwareqcn5021_firmwareqcf8001qca8084sdx65mwcd9370_firmwareqca9367wcn3660bipq9570wcn3620_firmwaresa8195pqca6174awcd9340snapdragon_auto_5g_modem-rf_gen_2ipq5302qcn6122_firmwareqcn5154_firmwareipq9048_firmwaresnapdragon_x55_5g_firmwarewcn3988fsm20055_firmwareqcn5122_firmwareqcn9274qcn9024pmp8074ipq8076a_firmwareipq9570_firmwareqcn6412_firmwareqcn9024_firmwareqca8082sa6150pqcs410sa8155p_firmwaresa8155pqca8072_firmwarewsa8830snapdragon_870_5g_firmwareipq5312_firmwareqcf8000_firmwaresa6145psnapdragon_x65_5g_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122ipq8174_firmwaresnapdragon_888\+_5gsnapdragon_x75_5gar8035ipq8072aimmersive_home_216_firmwarewcn3620snapdragon_x72_5g_firmwareimmersive_home_316qcf8000sfp_firmwareqcn6224ipq8071aqcn6112qca6698aqqxm8083wcn3950_firmwarewcn3680bsa8145p_firmwaresa8150p_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwareipq8078qcn5152_firmwareipq9554_firmwarewsa8830_firmwareqcn9072qcn6224_firmwareqca8386_firmwareqca8082_firmwareimmersive_home_216sxr2130_firmwareqcn6432_firmwarear8035_firmwareqcn5022_firmwareqca4024_firmwareqca0000_firmwarefsm20056ipq9008ipq9554ipq9008_firmwareqcn9074ipq5300_firmwarewsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwareqcn5054_firmwareqca9888ipq5332qca9377_firmwareipq8173ipq8072a_firmwareipq6010_firmwarewcn3950qcn6112_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq5028qca8085_firmwareqcn9070_firmwareqcf8001_firmwaresa8295p_firmwareqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qcn9160_firmwareqcn6102qcn6274_firmwareqca6584aufsm10056sw5100_firmwarefsm20056_firmwareqfw7114_firmwarefastconnect_6800qca4024fastconnect_7800_firmwareqcn6422immersive_home_214_firmwareqxm8083_firmwareipq5302_firmwareipq5300ipq8070afastconnect_6900_firmwarewcd9380sa6145p_firmwaresnapdragon_xr2_5gsa8150pimmersive_home_3210qca8075_firmwaresnapdragon_888_5g_firmwareqcf8000qcn5052_firmwareipq6010sdx65m_firmwarevideo_collaboration_vc3_platformsw5100c-v2x_9150_firmwareqam8295p_firmwareqcn6402_firmwaresnapdragon_8_gen_1_firmwareqca6698aq_firmwarewcd9385qca9367_firmwareqca8084_firmwaresnapdragon_8_gen_1qcn5024sdx55_firmwareimmersive_home_326snapdragon_x55_5gipq8071a_firmwaresxr2130ipq6028snapdragon_870_5gqcn9100qca6174a_firmwaresdm429wipq8076_firmwarewcn3980_firmwareqcn6274qca6436qfw7124snapdragon_w5\+_gen_1_wearablewsa8835qca6584au_firmwareqca6391_firmwareqca0000sw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca8081wsa8815qcn5124qca9377qcn5152qcn6412sdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_3210_firmwareqca9889qcn5024_firmwareqca8386qca6391snapdragon_x75_5g_firmwareimmersive_home_318ipq5010qcn9274_firmwareqcn9012_firmwareipq8173_firmwaresa8295pipq6000_firmwarefastconnect_7800sd865_5g_firmwarepmp8074_firmwareipq8078_firmwareqca9889_firmwarewcn3988_firmwareimmersive_home_316_firmwareqcn5154sa8145pwsa8835_firmwarecsr8811qcn5022wcn3980wcn3680b_firmwareqcf8000sfpqcs610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2022-34707
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.61% / 69.56%
||
7 Day CHG~0.00%
Published-09 Aug, 2022 | 19:54
Updated-24 Jul, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_8.1windows_rt_8.1windows_server_2019windows_server_2022windows_server_2012windows_7windows_10windows_server_2016windows_server_2008windows_11Windows Server 2019 (Server Core installation)Windows Server 2022Windows 10 Version 21H2Windows Server 2019Windows 11 version 21H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2016Windows Server 2016 (Server Core installation)Windows 10 Version 21H1Windows Server 2008 Service Pack 2Windows Server 2012 R2Windows Server 2012Windows Server version 20H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 (Server Core installation)Windows 7Windows Server 2008 Service Pack 2Windows 7 Service Pack 1Windows 10 Version 1809Windows Server 2012 R2 (Server Core installation)Windows 10 Version 1507Windows 10 Version 20H2Windows 10 Version 1607Windows 8.1
CWE ID-CWE-416
Use After Free
CVE-2024-43066
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.91%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 10:15
Updated-06 Oct, 2025 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption while handling file descriptor during listener registration/de-registration.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6426sa4155p_firmwareqca6698aq_firmwaresa8295p_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_845_mobile_platform_firmwareqca6595au_firmwarewcn3620snapdragon_460_mobile_platformsd660_firmwarefastconnect_6200_firmwaresm4125_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)qca6698aqwsa8830_firmwaresa6145p_firmwaresnapdragon_695_5g_mobile_platformsa8145p_firmwaresa4155psnapdragon_auto_5g_modem-rfsa6155_firmwareqam8295psnapdragon_x55_5g_modem-rf_systemsnapdragon_4_gen_1_mobile_platformwcd9335qcs8550_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwarefastconnect_6200qca6574aqam8295p_firmwarequalcomm_205_mobile_platform_firmwaresa8145pwcn3620_firmwaresw5100p_firmwarewsa8815_firmwaresnapdragon_820_automotive_platformsa8155_firmwaresdm429w_firmwareqca6595snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwareqca6564au_firmwarequalcomm_205_mobile_platformsnapdragon_429_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformwsa8835snapdragon_660_mobile_platformmdm9650_firmwaresnapdragon_210_processor_firmwaresnapdragon_685_4g_mobile_platform_\(sm6225-ad\)wcn3988snapdragon_212_mobile_platformsnapdragon_auto_5g_modem-rf_firmwaresa8155vision_intelligence_400_platform_firmwarewcd9375sa6150p_firmwarefastconnect_7800_firmwarerobotics_rb3_platform_firmwaresnapdragon_660_mobile_platform_firmwaresw5100sm6370wcd9385_firmwarefastconnect_6700_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platformsxr2130sa8195p_firmwareqca6574ausxr2130_firmwarevision_intelligence_400_platformsnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwaresa6150pwcn3610wcn3660bqca6564_firmwaresa4150p_firmwaresnapdragon_480_5g_mobile_platformsa8150p_firmwaresm6370_firmwareqcs410sa8155p_firmwaresnapdragon_845_mobile_platformqca6564qca6310_firmwarefastconnect_7800snapdragon_865_5g_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660b_firmwarewcn3680bsnapdragon_212_mobile_platform_firmwaresw5100pvideo_collaboration_vc1_platform_firmwaresa6155p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca6310qca6574sxr1120snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)qca6436qcs610_firmwaresd660snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwareqca6574au_firmwareqca6574_firmwareqcs610wcn3990fastconnect_6800video_collaboration_vc1_platformfastconnect_6900qca6426_firmwaresnapdragon_auto_4g_modemwcd9335_firmwaresa8295pqca6696qcs410_firmwarewcd9341_firmwareqca6595_firmwarewcd9326_firmwaresnapdragon_460_mobile_platform_firmwareqcm6490mdm9650snapdragon_xr1_platform_firmwareqcs6490wcd9370sd865_5g_firmwarewsa8810_firmwaresa6155fastconnect_6800_firmwarewcn3910sa8195psnapdragon_429_mobile_platformfastconnect_6700sxr1120_firmwaresa8155psnapdragon_auto_4g_modem_firmwaresnapdragon_210_processorsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)sg4150psnapdragon_820_automotive_platform_firmwaresdm429wqca6595auwcn3950wcn3990_firmwarewsa8835_firmwaresa6145pwsa8830sa6155pwcn3950_firmwarewcd9380wcn3980_firmwareqcm6490_firmwaresa4150pqca6335wcn3980qca6391wsa8815wcd9370_firmwareqcs6490_firmwareqca6564auwcd9341qcs8550sd865_5gsa8150psnapdragon_662_mobile_platform_firmwareqca6391_firmwareqca6335_firmwarewcd9340_firmwarewcd9340snapdragon_xr2_5g_platformwcn3610_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3988_firmwarerobotics_rb3_platformwsa8810snapdragon_662_mobile_platformcsrb31024_firmwarecsrb31024wcd9375_firmwaresg4150p_firmwarewcn3680b_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9385video_collaboration_vc3_platformfastconnect_6900_firmwaresm4125wcn3910_firmwareqca6436_firmwareqca6574a_firmwareqca6696_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_xr1_platformsw5100_firmwarewcd9326wcd9380_firmwaresnapdragon_680_4g_mobile_platformSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2021-41220
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.54%
||
7 Day CHG~0.00%
Published-05 Nov, 2021 | 22:20
Updated-04 Aug, 2024 | 03:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use after free in `CollectiveReduceV2`

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of `CollectiveReduceV2` suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been `std::move()`d from are still accessed. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, as this version is the only one that is also affected.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-416
Use After Free
CVE-2022-34705
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.85% / 74.73%
||
7 Day CHG~0.00%
Published-09 Aug, 2022 | 19:53
Updated-04 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Defender Credential Guard Elevation of Privilege Vulnerability

Windows Defender Credential Guard Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2019windows_server_2022windows_10windows_server_2016windows_11Windows 10 Version 1809Windows 10 Version 21H1Windows Server 2022Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 20H2Windows Server version 20H2Windows Server 2019Windows 11 version 21H2
CWE ID-CWE-416
Use After Free
CVE-2024-41160
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.94%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 03:25
Updated-09 Sep, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Liteos-A has an use after free vulnerability

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmonyopenharmony
CWE ID-CWE-416
Use After Free
CVE-2024-41157
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-8.8||HIGH
EPSS-0.09% / 26.21%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 03:25
Updated-04 Sep, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Liteos-A has an use after free vulnerability

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmonyopenharmony
CWE ID-CWE-416
Use After Free
CVE-2022-33225
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.97%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use after free in Trusted Application Environment

Memory corruption due to use after free in trusted application environment.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwaresd429sdxr2_5gsd865_5gwcn6851_firmwareqca6564ausdx55m_firmwaremdm9628_firmwareqca6574ausd205sd429_firmwaremsm8996ausd205_firmwareqca6564a_firmwaresdm429w_firmwarewcd9340wsa8810_firmwarequalcomm215_firmwarewcd9380wsa8810sd870qca6390_firmwareqca6436qualcomm215wcn6851sd210_firmwareqca6574aqca6426apq8096ausd870_firmwareqca6391_firmwaresdxr2_5g_firmwareqca6390mdm9628wcd9340_firmwarewcn3660bwsa8815wcn6850apq8096au_firmwaresd210sd865_5g_firmwarewcn3620_firmwareqca6426_firmwarewcn3660b_firmwarewcn6850_firmwareqca6574a_firmwarewcn3620qca6574au_firmwarewsa8815_firmwarewcn3610_firmwareqca6564aqca6391sdx55mqca6436_firmwarewcn3610Snapdragonqca6564au_firmwarewcd9380_firmwaremsm8996au_firmwaresd870_firmwareqca6391_firmwaresdxr2_5g_firmwarewcn6851_firmwaresdx55m_firmwaremdm9628_firmwarewcd9340_firmwareapq8096au_firmwaresd429_firmwaresd205_firmwaresdm429w_firmwareqca6564a_firmwaresd865_5g_firmwarewcn3620_firmwareqca6426_firmwarewsa8810_firmwarequalcomm215_firmwarewcn3660b_firmwarewcn6850_firmwareqca6574a_firmwarewsa8815_firmwareqca6574au_firmwareqca6390_firmwarewcn3610_firmwaresd210_firmwareqca6436_firmware
CWE ID-CWE-416
Use After Free
CVE-2022-33263
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.54%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-07 Jan, 2025 | 19:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use after free in Core

Memory corruption due to use after free in Core when multiple DCI clients register and deregister.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqam8255p_firmwarewcn3991wsa8830wcd9380_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformwcn785x-5sm8350-ac_firmwaresm8150-acwsa8835wcn3950_firmwaresd_8_gen1_5gwcd9380sm4450_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwaresm8350wcd9370snapdragon_wear_4100\+_platformwcn685x-5_firmwarewcn685x-1sm8450wcn6750qca6430_firmwarewcn3998wcn3980wcd9385_firmwarewcn3950sd_8_gen1_5g_firmwarewcn3660bsd855wsa8815sm4450wcn3660b_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn785x-5_firmwarewcn3980_firmwarewcn3610_firmwareqca6420snapdragon_w5\+_gen_1_wearable_platform_firmwaresm8475_firmwareaqt1000_firmwarewcn6740_firmwaresa6155p_firmwareqcs8155wsa8832_firmwareqca6698aqsm8350_firmwarewcn685x-5wcn3988_firmwareqca6430qca6797aq_firmwarewcn785x-1_firmwareqca6574ausa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresm8450_firmwaresw5100wsa8810wsa8832sa8255p_firmwaresa6155psw5100p_firmwaresm8150-ac_firmwareqca6698aq_firmwarewcn3680bsm8350-acwcn685x-1_firmwarewcd9385sm8150_firmwaresa8255pwcd9341wcn6740qca6797aqwcd9370_firmwareaqt1000sa8155pwsa8830_firmwaresd855_firmwaresm8150wcn785x-1wcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcs8155_firmwaresw5100_firmwaresm8475wcn6750_firmwareqam8255pwcn3610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2021-37652
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.66%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 21:15
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use after free in boosted trees creation in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.BoostedTreesCreateEnsemble` can result in a use after free error if an attacker supplies specially crafted arguments. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/boosted_trees/resource_ops.cc#L55) uses a reference counted resource and decrements the refcount if the initialization fails, as it should. However, when the code was written, the resource was represented as a naked pointer but later refactoring has changed it to be a smart pointer. Thus, when the pointer leaves the scope, a subsequent `free`-ing of the resource occurs, but this fails to take into account that the refcount has already reached 0, thus the resource has been already freed. During this double-free process, members of the resource object are accessed for cleanup but they are invalid as the entire resource has been freed. We have patched the issue in GitHub commit 5ecec9c6fbdbc6be03295685190a45e7eee726ab. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-416
Use After Free
CWE ID-CWE-415
Double Free
CVE-2024-38421
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.91%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-07 Nov, 2024 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics Linux

Memory corruption while processing GPU commands.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwarewsa8830qam8650pqam8775pqamsrv1mwsa8840wcn3950_firmwaresrv1l_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_480_5g_mobile_platformvideo_collaboration_vc3_platformwcd9370qcs6125_firmwaresnapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqamsrv1hwcd9385_firmwareqam8295pwcn7881_firmwarewcn3950fastconnect_6200qamsrv1h_firmwareqca6688aqqam8295p_firmwaresa9000p_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresa7255pwsa8845h_firmwarewcd9375_firmwaresnapdragon_8_gen_3_mobile_platformqca6595auwcn7860snapdragon_w5\+_gen_1_wearable_platform_firmwaresa8620p_firmwaresa6155p_firmwarewcn7881qca6678aq_firmwaresa8775p_firmwareqcs6490wsa8840_firmwareqca6698aqsm4635qcs6125video_collaboration_vc5_platformsm8635wcn3988_firmwarewcn7880_firmwaresrv1hsa7775p_firmwaresa8195pwsa8810_firmwaresw5100wsa8845hwcn6755wcd9395_firmwaresa8255p_firmwaresm8750p_firmwaresm8750_firmwaresa6155pqcs7230qca6698aq_firmwaresa7775pqam8620pwcd9385sa8770p_firmwaresa8255pqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6797aqwcd9375wcd9390wsa8830_firmwarewsa8815_firmwarewcn3988wsa8835_firmwaresa8195p_firmwarevideo_collaboration_vc5_platform_firmwaresa8295p_firmwarewcn7880sa8770pqcm6125_firmwareqca6688aq_firmwaresm4635_firmwaresw5100pwcd9378_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca6595qcs7230_firmwarewsa8835qca6574snapdragon_4_gen_1_mobile_platform_firmwaresm8635_firmwareqca6574avideo_collaboration_vc3_platform_firmwarewcn3980wsa8845sa8650psa9000pqca6574_firmwarewsa8815wsa8845_firmwaresnapdragon_4_gen_1_mobile_platformqcs8250sm8750psa8775pqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwareqca6391sa8295pfastconnect_7800qca6678aqwcn7861_firmwarewsa8832_firmwaresa8650p_firmwaresrv1h_firmwarevideo_collaboration_vc1_platform_firmwareqca6797aq_firmwareqca6574ausa8155p_firmwaresrv1lsa7255p_firmwareqcs8250_firmwareqcm6125wsa8810sa8620pwsa8832fastconnect_7800_firmwaresw5100p_firmwaresrv1m_firmwareqamsrv1m_firmwaresm8750qam8650p_firmwarewcn7860_firmwareqca6595_firmwarewcn7861wcd9395qca6696qca6391_firmwarewcd9370_firmwarewcd9390_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresa8155psnapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1msw5100_firmwareqam8620p_firmwarewcd9378qam8255psnapdragon_480\+_5g_mobile_platformSnapdragonqam8255p_firmwarequalcomm_video_collaboration_vc1_platform_firmwaresm4635_firmwarewcd9378_firmwareqcs7230_firmwarewcn3950_firmwaresrv1l_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresm8635_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarewcn7881_firmwareqamsrv1h_firmwareqca6574_firmwarewsa8845_firmwareqam8295p_firmwaresa9000p_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9375_firmwarewsa8845h_firmwarewcn3980_firmwaresa8620p_firmwaresa6155p_firmwareqca6678aq_firmwaresa8775p_firmwarewcn7861_firmwaresa8650p_firmwarewsa8832_firmwarewsa8840_firmwaresrv1h_firmwareqca6797aq_firmwarewcn3988_firmwarewcn7880_firmwaresa8155p_firmwaresa7775p_firmwaresa7255p_firmwarewsa8810_firmwareqcs8250_firmwarefastconnect_7800_firmwarewcd9395_firmwaresa8255p_firmwaresm8750_firmwaresm8750p_firmwaresw5100p_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwareqca6696_firmwareqca6595_firmwareqcs6490_firmwarewcn7860_firmwareqca6391_firmwarewcd9370_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwareqam8620p_firmwaresa8295p_firmwareqca6688aq_firmwareqcm6125_firmware
CWE ID-CWE-416
Use After Free
CVE-2024-38249
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.63% / 69.92%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 16:53
Updated-31 Dec, 2024 | 23:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 10 Version 1607Windows 11 version 22H3Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2Windows 11 Version 24H2
CWE ID-CWE-416
Use After Free
CVE-2024-38411
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Computer Vision

Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwarewsa8845_firmwarewsa8840wsa8845hwcd9380_firmwareqcs8550_firmwaresnapdragon_8_gen_2_mobile_firmwaresm8550pwcd9385wcd9395_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobilesnapdragon_8_gen_3_mobile_firmwarefastconnect_7800_firmwarefastconnect_6900sg8275pwcd9395wcd9385_firmwarefastconnect_6900_firmwareqcs8550sg8275p_firmwaresnapdragon_8\+_gen_2_mobilewcd9380fastconnect_7800snapdragon_8\+_gen_2_mobile_firmwarewcd9390wsa8845wsa8845h_firmwaresm8550p_firmwarevideo_collaboration_vc3_platform_firmwareqcm8550qcs6490_firmwareqcs6490snapdragon_8_gen_3_mobilewsa8840_firmwarevideo_collaboration_vc3_platformSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-38402
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.21% / 42.53%
||
7 Day CHG-0.46%
Published-02 Sep, 2024 | 10:22
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Services

Memory corruption while processing IOCTL call for getting group info.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100pqca6595qcs610_firmwarewcd9335wcd9370qca8081_firmwareqca6696qam8620p_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qcc710_firmwaresnapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_685_4g_mobilesa4150psnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qdu1110wcd9395qca6574au_firmwaresnapdragon_x72_5g_modem-rfsm6370qam8295psnapdragon_x12_lte_firmwarewcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hqcs5430qcn6024_firmwareqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770pqcm6125_firmwaressg2115pqcc710qsm8350_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformqru1032_firmwareqep8111sa7255psm8635qfw7114wcd9385_firmwareqam8255p_firmwaresdx61snapdragon_x65_5g_modem-rfqcs4490snapdragon_680_4g_mobilewsa8845sa6155pqcm6125qca6564au_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqdu1000_firmwaresrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesxr2250p_firmwaresm7315_firmwareqdu1010snapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresnapdragon_4_gen_2_mobile_firmwareqcn9012snapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_x62_5g_modem-rf_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobilewcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_x72_5g_modem-rf_firmwaresnapdragon_8\+_gen_2_mobileqca6174asa8195pwcd9340qcs8250_firmwareqdu1210talynplussnapdragon_auto_5g_modem-rf_gen_2qcm6490sm8550p_firmwaresxr2250pqcm8550wcn3988sm6370_firmwaresnapdragon_662_mobileqcn9024sa8775pqca6574sxr2230p_firmwareqcn9011sa8775p_firmwareqamsrv1hsmart_audio_400qcn9024_firmwarewsa8845hsa6150pqcs410sa8155p_firmwareqca6564asa8155pwsa8830sm8550psa6145psa8255p_firmwarear8035qamsrv1m_firmwaresnapdragon_4_gen_2_mobileqrb5165m_firmwaresa8650p_firmwareqcm4325srv1l_firmwareqcn6224qca6698aqwcn3950_firmwaresa7775p_firmwaressg2125p_firmwareqrb5165nsnapdragon_480\+_5g_mobilefastconnect_6200sm7325p_firmwaresa8145p_firmwaresnapdragon_480_5g_mobile_firmwareqdx1011sa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_x75_5g_modem-rf_firmwaresnapdragon_8_gen_3_mobileqcs6490qcs8250snapdragon_695_5g_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqcn6224_firmwareqca6678aq_firmwarewsa8845_firmwarewsa8832sdx61_firmwaresnapdragon_480_5g_mobilesrv1lsrv1mqca6678aqsnapdragon_x35_5g_modem-rfar8035_firmwaresnapdragon_778g\+_5g_mobileqrb5165msa4150p_firmwaresd888_firmwaresnapdragon_x62_5g_modem-rfqca6564auqcs6125_firmwarewsa8815_firmwaresa8195p_firmwareqca8337_firmwaresnapdragon_x12_ltesg8275p_firmwareqca9377_firmwareqcm6490_firmwareqcm4490_firmwareqru1032wcn3950qcs6125flight_rb5_5gqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computetalynplus_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresmart_audio_400_firmwaresa4155p_firmwareqca6584ausd888qcn6274_firmwarewcn6755_firmwareqcn9011_firmwareqru1062_firmwaresw5100_firmwarewcn6740snapdragon_780g_5g_mobile_firmwareqru1062snapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqcs7230qca6595_firmwarefastconnect_7800_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa8150pwcn6755snapdragon_auto_5g_modem-rf_firmwaresxr1230psw5100video_collaboration_vc3_platformsnapdragon_4_gen_1_mobile_firmwareqca6688aqqam8295p_firmwaresm7315qca6698aq_firmwareqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqep8111_firmwaresg8275pqdx1011_firmwaresnapdragon_auto_5g_modem-rfflight_rb5_5g_firmwaressg2125pqru1052qcm4490snapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwaresnapdragon_480\+_5g_mobile_firmwareqamsrv1mrobotics_rb5qca6174a_firmwaresm7325pqam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwarewcd9335_firmwareqam8620pqrb5165n_firmwarewcn3980_firmwareqca6584au_firmwareqcn6274wsa8835wsa8840_firmwareqca6391_firmwareqfw7124qca6595au_firmwareqcs610qdu1010_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwarecsra6620qca8081wsa8815mdm9628sg4150psd_8_gen1_5gqam8775pqca9377snapdragon_ar2_gen_1_firmwareqca6797aqmdm9628_firmwaresnapdragon_x75_5g_modem-rfqcm4325_firmwaresa8620pqca6574a_firmwaresnapdragon_4_gen_1_mobilesd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391qcn9012_firmwareqcs5430_firmwaresg4150p_firmwareqru1052_firmwaresa8770p_firmwarecsra6620_firmwaresa8295pqcs8550fastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375qca6688aq_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresa8145psnapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwaressg2115p_firmwarewcn3980qdx1010snapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwaresg8275p_firmwaremdm9628_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwarewcn6755_firmwareqca6595au_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwareqcs8550_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwareqru1052_firmwareqcc710_firmwarewsa8830_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresa8295p_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqcs7230_firmwareqdu1010_firmwaresxr1230p_firmwareqdu1110_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwaresm8635_firmwareqcn9012_firmwaresm6370_firmwareqfw7114_firmwarewcd9335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm7325p_firmwareqru1032_firmwarewsa8845_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcs4490_firmwareqcm6490_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqca6564a_firmwareqcn9024_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresdx61_firmwaressg2115p_firmwaresw5100_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmware
CWE ID-CWE-416
Use After Free
CVE-2022-33245
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.85%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use after free in WLAN

Memory corruption in WLAN due to use after free

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwareqcs610csrb31024wcd9360_firmwaremdm9650csra6620wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwaresa6155sd690_5gwcd9370csra6620_firmwarecsra6640_firmwareqca6564wcn3990_firmwaresa415mwcn3998qcn7605wcd9385_firmwarewcn3950wcn3660bsa8155qca6320_firmwareqca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareqca6420wcd9360qca6564au_firmwaresa6155p_firmwareqca6310sa515m_firmwaresd429sa8155_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwareqcn9074sa6145p_firmwaresd429_firmwarewcd9340sa8195pwsa8810_firmwaresd765gsd765_firmwarewcn6851wcd9335sa6155pwcd9385wcd9341qca6696_firmwaresd750gwcd9375sd750g_firmwareapq8064auaqt1000sa8150pwsa8830_firmwaresd855_firmwarewcn3620_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewcn3620wsa8835_firmwaresa8195p_firmwareqcn7606_firmwareqca6564awcn3991wcd9380_firmwarewcn3990sdm429wmsm8996au_firmwareqca6564auwsa8835qca6574msm8996ausdm429w_firmwarewcd9380qcs410qca6574asd690_5g_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sa515mqca6574_firmwarewcd9340_firmwaresd855wsa8815wcn6850qca6320mdm9650_firmwareqca6175asd765wcn3660b_firmwareqca6574a_firmwaresd768g_firmwaresd835wcn3980_firmwareaqt1000_firmwareapq8064au_firmwarear8031_firmwarecsrb31024_firmwarewcn6851_firmwareqca6574ausa8155p_firmwareqca6564a_firmwarewcd9341_firmwarewsa8810qcn7605_firmwareqcs610_firmwaresa6145psd835_firmwareqca6564_firmwaresd768gapq8096auar8031qcs405_firmwaresa8145pqca6696wcd9370_firmwaresa6150psdx55apq8096au_firmwarecsra6640sa8155psm7250pqcn9074_firmwareqcs410_firmwareqca6175a_firmwareqcn7606Snapdragonwcn3991_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwarewcd9360_firmwaresdm429w_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwarecsra6620_firmwaresd690_5g_firmwarecsra6640_firmwarewcn3990_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcd9385_firmwareqca6574_firmwarewcd9340_firmwaremdm9650_firmwarewcn3660b_firmwareqca6320_firmwareqca6574a_firmwareqca6574au_firmwaresd768g_firmwaresdx55_firmwarewcd9375_firmwaresa6155_firmwarewcn3980_firmwarewcn3998_firmwaresm7250p_firmwareaqt1000_firmwareqca6564au_firmwaresa6155p_firmwaresa515m_firmwarear8031_firmwareapq8064au_firmwarecsrb31024_firmwarewcn6851_firmwaresa8155_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwaresd429_firmwareqca6564a_firmwarewsa8810_firmwarewcd9341_firmwaresd765_firmwareqcn7605_firmwareqcs610_firmwaresd835_firmwareqca6564_firmwareqca6696_firmwareqcs405_firmwaresd750g_firmwarewcd9370_firmwareapq8096au_firmwarewsa8830_firmwaresd855_firmwarewcn3620_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwaresa8195p_firmwareqcn9074_firmwareqcs410_firmwareqcn7606_firmwareqca6175a_firmware
CWE ID-CWE-416
Use After Free
CVE-2024-38252
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.47% / 64.17%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 16:53
Updated-31 Dec, 2024 | 23:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1809windows_server_2016windows_server_2022_23h2windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_10_21h1windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H3Windows 11 version 22H2Windows 11 Version 23H2Windows Server 2019 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows 11 Version 24H2Windows Server 2016
CWE ID-CWE-416
Use After Free
CVE-2022-33292
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.82%
||
7 Day CHG~0.00%
Published-02 May, 2023 | 05:08
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use after free in Qualcomm IPC

Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6225sm6225-ad_firmwarewcn3950wcd9375wcd9370_firmwaresm6225_firmwarewcn3988_firmwarewcn3950_firmwarewcn3988wsa8810_firmwarewsa8810wcd9375_firmwaresm6225-adsg4150pwcd9370sg4150p_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 60
  • 61
  • 62
  • 63
  • 64
  • Next
Details not found