Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-38500

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-12 Aug, 2025 | 16:02
Updated At-03 Nov, 2025 | 17:39
Rejected At-
Credits

xfrm: interface: fix use-after-free after changing collect_md xfrm interface

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such interfaces. The check to enforce this was done only in the case where the xi was returned from xfrmi_locate() which doesn't look for the collect_md interface, and thus the validation was never reached. Calling changelink would thus errornously place the special interface xi in the xfrmi_net->xfrmi hash, but since it also exists in the xfrmi_net->collect_md_xfrmi pointer it would lead to a double free when the net namespace was taken down [1]. Change the check to use the xi from netdev_priv which is available earlier in the function to prevent changes in xfrm collect_md interfaces. [1] resulting oops: [ 8.516540] kernel BUG at net/core/dev.c:12029! [ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary) [ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 8.516569] Workqueue: netns cleanup_net [ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0 [ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 <0f> 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24 [ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206 [ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60 [ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122 [ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100 [ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00 [ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00 [ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000 [ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0 [ 8.516625] PKRU: 55555554 [ 8.516627] Call Trace: [ 8.516632] <TASK> [ 8.516635] ? rtnl_is_locked+0x15/0x20 [ 8.516641] ? unregister_netdevice_queue+0x29/0xf0 [ 8.516650] ops_undo_list+0x1f2/0x220 [ 8.516659] cleanup_net+0x1ad/0x2e0 [ 8.516664] process_one_work+0x160/0x380 [ 8.516673] worker_thread+0x2aa/0x3c0 [ 8.516679] ? __pfx_worker_thread+0x10/0x10 [ 8.516686] kthread+0xfb/0x200 [ 8.516690] ? __pfx_kthread+0x10/0x10 [ 8.516693] ? __pfx_kthread+0x10/0x10 [ 8.516697] ret_from_fork+0x82/0xf0 [ 8.516705] ? __pfx_kthread+0x10/0x10 [ 8.516709] ret_from_fork_asm+0x1a/0x30 [ 8.516718] </TASK>

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:12 Aug, 2025 | 16:02
Updated At:03 Nov, 2025 | 17:39
Rejected At:
▼CVE Numbering Authority (CNA)
xfrm: interface: fix use-after-free after changing collect_md xfrm interface

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such interfaces. The check to enforce this was done only in the case where the xi was returned from xfrmi_locate() which doesn't look for the collect_md interface, and thus the validation was never reached. Calling changelink would thus errornously place the special interface xi in the xfrmi_net->xfrmi hash, but since it also exists in the xfrmi_net->collect_md_xfrmi pointer it would lead to a double free when the net namespace was taken down [1]. Change the check to use the xi from netdev_priv which is available earlier in the function to prevent changes in xfrm collect_md interfaces. [1] resulting oops: [ 8.516540] kernel BUG at net/core/dev.c:12029! [ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary) [ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 8.516569] Workqueue: netns cleanup_net [ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0 [ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 <0f> 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24 [ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206 [ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60 [ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122 [ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100 [ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00 [ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00 [ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000 [ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0 [ 8.516625] PKRU: 55555554 [ 8.516627] Call Trace: [ 8.516632] <TASK> [ 8.516635] ? rtnl_is_locked+0x15/0x20 [ 8.516641] ? unregister_netdevice_queue+0x29/0xf0 [ 8.516650] ops_undo_list+0x1f2/0x220 [ 8.516659] cleanup_net+0x1ad/0x2e0 [ 8.516664] process_one_work+0x160/0x380 [ 8.516673] worker_thread+0x2aa/0x3c0 [ 8.516679] ? __pfx_worker_thread+0x10/0x10 [ 8.516686] kthread+0xfb/0x200 [ 8.516690] ? __pfx_kthread+0x10/0x10 [ 8.516693] ? __pfx_kthread+0x10/0x10 [ 8.516697] ret_from_fork+0x82/0xf0 [ 8.516705] ? __pfx_kthread+0x10/0x10 [ 8.516709] ret_from_fork_asm+0x1a/0x30 [ 8.516718] </TASK>

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/xfrm/xfrm_interface_core.c
Default Status
unaffected
Versions
Affected
  • From abc340b38ba25cd6c7aa2c0bd9150d30738c82d0 before a8d4748b954584ab7bd800f1a4e46d5b0eeb5ce4 (git)
  • From abc340b38ba25cd6c7aa2c0bd9150d30738c82d0 before bfebdb85496e1da21d3cf05de099210915c3e706 (git)
  • From abc340b38ba25cd6c7aa2c0bd9150d30738c82d0 before 5918c3f4800a3aef2173865e5903370f21e24f47 (git)
  • From abc340b38ba25cd6c7aa2c0bd9150d30738c82d0 before 69a31f7a6a81f5ffd3812c442e09ff0be22960f1 (git)
  • From abc340b38ba25cd6c7aa2c0bd9150d30738c82d0 before a90b2a1aaacbcf0f91d7e4868ad6c51c5dee814b (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/xfrm/xfrm_interface_core.c
Default Status
affected
Versions
Affected
  • 6.1
Unaffected
  • From 0 before 6.1 (semver)
  • From 6.1.148 through 6.1.* (semver)
  • From 6.6.101 through 6.6.* (semver)
  • From 6.12.41 through 6.12.* (semver)
  • From 6.15.9 through 6.15.* (semver)
  • From 6.16 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/a8d4748b954584ab7bd800f1a4e46d5b0eeb5ce4
N/A
https://git.kernel.org/stable/c/bfebdb85496e1da21d3cf05de099210915c3e706
N/A
https://git.kernel.org/stable/c/5918c3f4800a3aef2173865e5903370f21e24f47
N/A
https://git.kernel.org/stable/c/69a31f7a6a81f5ffd3812c442e09ff0be22960f1
N/A
https://git.kernel.org/stable/c/a90b2a1aaacbcf0f91d7e4868ad6c51c5dee814b
N/A
Hyperlink: https://git.kernel.org/stable/c/a8d4748b954584ab7bd800f1a4e46d5b0eeb5ce4
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/bfebdb85496e1da21d3cf05de099210915c3e706
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/5918c3f4800a3aef2173865e5903370f21e24f47
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/69a31f7a6a81f5ffd3812c442e09ff0be22960f1
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a90b2a1aaacbcf0f91d7e4868ad6c51c5dee814b
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:12 Aug, 2025 | 16:15
Updated At:07 Jan, 2026 | 16:26

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such interfaces. The check to enforce this was done only in the case where the xi was returned from xfrmi_locate() which doesn't look for the collect_md interface, and thus the validation was never reached. Calling changelink would thus errornously place the special interface xi in the xfrmi_net->xfrmi hash, but since it also exists in the xfrmi_net->collect_md_xfrmi pointer it would lead to a double free when the net namespace was taken down [1]. Change the check to use the xi from netdev_priv which is available earlier in the function to prevent changes in xfrm collect_md interfaces. [1] resulting oops: [ 8.516540] kernel BUG at net/core/dev.c:12029! [ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary) [ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 8.516569] Workqueue: netns cleanup_net [ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0 [ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 <0f> 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24 [ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206 [ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60 [ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122 [ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100 [ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00 [ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00 [ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000 [ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0 [ 8.516625] PKRU: 55555554 [ 8.516627] Call Trace: [ 8.516632] <TASK> [ 8.516635] ? rtnl_is_locked+0x15/0x20 [ 8.516641] ? unregister_netdevice_queue+0x29/0xf0 [ 8.516650] ops_undo_list+0x1f2/0x220 [ 8.516659] cleanup_net+0x1ad/0x2e0 [ 8.516664] process_one_work+0x160/0x380 [ 8.516673] worker_thread+0x2aa/0x3c0 [ 8.516679] ? __pfx_worker_thread+0x10/0x10 [ 8.516686] kthread+0xfb/0x200 [ 8.516690] ? __pfx_kthread+0x10/0x10 [ 8.516693] ? __pfx_kthread+0x10/0x10 [ 8.516697] ret_from_fork+0x82/0xf0 [ 8.516705] ? __pfx_kthread+0x10/0x10 [ 8.516709] ret_from_fork_asm+0x1a/0x30 [ 8.516718] </TASK>

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.1(inclusive) to 6.1.148(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.2(inclusive) to 6.6.101(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.7(inclusive) to 6.12.41(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.13(inclusive) to 6.15.9(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.16
cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.16
cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.16
cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.16
cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.16
cpe:2.3:o:linux:linux_kernel:6.16:rc5:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.16
cpe:2.3:o:linux:linux_kernel:6.16:rc6:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.16
cpe:2.3:o:linux:linux_kernel:6.16:rc7:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>11.0
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarynvd@nist.gov
CWE-416Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-416
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/5918c3f4800a3aef2173865e5903370f21e24f47416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/69a31f7a6a81f5ffd3812c442e09ff0be22960f1416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/a8d4748b954584ab7bd800f1a4e46d5b0eeb5ce4416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/a90b2a1aaacbcf0f91d7e4868ad6c51c5dee814b416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/bfebdb85496e1da21d3cf05de099210915c3e706416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: https://git.kernel.org/stable/c/5918c3f4800a3aef2173865e5903370f21e24f47
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/69a31f7a6a81f5ffd3812c442e09ff0be22960f1
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/a8d4748b954584ab7bd800f1a4e46d5b0eeb5ce4
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/a90b2a1aaacbcf0f91d7e4868ad6c51c5dee814b
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/bfebdb85496e1da21d3cf05de099210915c3e706
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

3838Records found
CVE-2025-61662
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 3.08%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 18:20
Updated-21 Jan, 2026 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Grub2: missing unregister call for gettext command may lead to use-after-free

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded.

Action-Not Available
Vendor-GNURed Hat, Inc.
Product-grub2Red Hat OpenShift Container Platform 4Red Hat Enterprise Linux 10Red Hat Enterprise Linux 7grub2Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9
CWE ID-CWE-416
Use After Free
CVE-2025-60707
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.54%
||
7 Day CHG~0.00%
Published-11 Nov, 2025 | 17:59
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege Vulnerability

Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2019windows_11_24h2windows_server_2022_23h2windows_server_2025windows_10_21h2windows_11_25h2windows_10_1809windows_11_23h2windows_server_2022windows_10_22h2Windows Server 2019 (Server Core installation)Windows 11 Version 25H2Windows 10 Version 21H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-32503
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.17% / 37.72%
||
7 Day CHG~0.00%
Published-07 Jun, 2024 | 15:51
Updated-13 Feb, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper memory deallocation checking, which can result in a UAF (Use-After-Free) vulnerability.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_w930_firmwareexynos_1280exynos_850exynos_1380exynos_1080exynos_w920exynos_850_firmwareexynos_1330exynos_1080_firmwareexynos_2100_firmwareexynos_1330_firmwareexynos_2100exynos_1280_firmwareexynos_1380_firmwareexynos_w920_firmwareexynos_w930n/aexynos_1330exynos_2100exynos_1280exynos_1380exynos_850exynos_1080exynos_w920exynos_w930
CWE ID-CWE-762
Mismatched Memory Management Routines
CWE ID-CWE-416
Use After Free
CVE-2024-32927
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.68%
||
7 Day CHG~0.00%
Published-19 Aug, 2024 | 16:47
Updated-20 Aug, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sendDeviceState_1_6 of RadioExt.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-416
Use After Free
CVE-2024-32900
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 22.28%
||
7 Day CHG+0.02%
Published-13 Jun, 2024 | 21:01
Updated-19 Aug, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In lwis_fence_signal of lwis_debug.c, there is a possible Use after Free due to improper locking. This could lead to local escalation of privilege from hal_camera_default SELinux label with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-667
Improper Locking
CWE ID-CWE-416
Use After Free
CVE-2024-33034
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.15% / 35.89%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-20 Nov, 2024 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics Linux

Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformtalynplus_firmwaresnapdragon_662_mobile_platform_firmwarewsa8830sxr2230p_firmwareqam8650psg8275p_firmwareqam8775pqamsrv1mflight_rb5_5g_platformflight_rb5_5g_platform_firmwarewsa8840wcn3950_firmwaresrv1l_firmwareqca6595au_firmwarevideo_collaboration_vc3_platformsnapdragon_480_5g_mobile_platformwcd9370ssg2115pqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwaresnapdragon_480\+_5g_mobile_platform_firmwarewcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqamsrv1hwcd9385_firmwareqam8295pwcn3950talynplusfastconnect_6200qamsrv1h_firmwaresd_8_gen1_5g_firmwareqca6688aqsnapdragon_460_mobile_platformqam8295p_firmwaresa9000p_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresa7255psnapdragon_4_gen_2_mobile_platformqca6595ausnapdragon_8_gen_3_mobile_platformwcd9375_firmwarewsa8845h_firmwaresnapdragon_680_4g_mobile_platform_firmwareqrb5165nsnapdragon_w5\+_gen_1_wearable_platform_firmwaresa8620p_firmwaresa6155p_firmwareqcm8550_firmwareqca6678aq_firmwaresa8775p_firmwareqcs6490wsa8840_firmwareqca6698aqqcs6125video_collaboration_vc5_platformqcs8550_firmwarewcn3988_firmwaresrv1hsa7775p_firmwaresnapdragon_8\+_gen_1_mobile_platformfastconnect_6700_firmwaresa8195pwsa8810_firmwarevision_intelligence_400_platformsw5100wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresa6155pqcs7230sg4150pwcd9335wcd9395_firmwareqca6698aq_firmwareqcm4490sa7775pqam8620pqcs5430sxr2250psa8770p_firmwarewcd9341qam8775p_firmwaresa8255pwcd9385qca6696_firmwareqcs6490_firmwareqca6797aqwcd9375wcd9390robotics_rb5_platformvision_intelligence_400_platform_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformwsa8830_firmwareqcm6490wcn3988wsa8815_firmwarewsa8835_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwarevideo_collaboration_vc5_platform_firmwaresa8295p_firmwaresxr2250p_firmwaresg4150p_firmwaresa8770pqca6688aq_firmwareqcm6125_firmwareqcm4325snapdragon_8_gen_2_mobile_platform_firmwarerobotics_rb5_platform_firmwarewcd9380_firmwaressg2125pwcn3990sw5100psnapdragon_w5\+_gen_1_wearable_platformqca6595qcm8550qcs7230_firmwarewsa8835qca6574sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresd_8_gen1_5gwcd9380fastconnect_6700snapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqca6574asxr1230pvideo_collaboration_vc3_platform_firmwaresg8275pwcd9335_firmwarewcn3980wsa8845qcm4325_firmwaresa8650pqca6574_firmwaresa9000pwsa8815sxr2230pwsa8845_firmwaresnapdragon_4_gen_1_mobile_platformqcs8250qca6574a_firmwarefastconnect_6200_firmwaresa8775pwcn3980_firmwareqca6391sa8295pfastconnect_7800qcm4490_firmwareqcs4490_firmwareqca6678aqqcm6490_firmwaresa8650p_firmwarewsa8832_firmwarefastconnect_6900fastconnect_6900_firmwaresrv1h_firmwarevideo_collaboration_vc1_platform_firmwareqca6797aq_firmwareqca6574ausa8155p_firmwaresrv1lsa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125sa8620psnapdragon_8\+_gen_2_mobile_platformwsa8810wsa8832sw5100p_firmwaresm8550psnapdragon_680_4g_mobile_platformsnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresnapdragon_ar2_gen_1_platformqcm5430srv1m_firmwareqam8650p_firmwareqcs4490qca6595_firmwarewcd9395qca6696qcs5430_firmwareqca6391_firmwareqcs8550wcd9370_firmwaresm8550p_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresa8155psnapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1msnapdragon_8\+_gen_1_mobile_platform_firmwaressg2115p_firmwaresw5100_firmwareqam8620p_firmwareqam8255psnapdragon_480\+_5g_mobile_platformSnapdragonqam8255p_firmwarequalcomm_video_collaboration_vc1_platform_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwarerobotics_rb5_platform_firmwarewcd9380_firmwaresxr2230p_firmwaresg8275p_firmwareqcs7230_firmwareflight_rb5_5g_platform_firmwaresxr1230p_firmwarewcn3950_firmwaresrv1l_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3990_firmwareqrb5165n_firmwarewcd9335_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcm4325_firmwareqamsrv1h_firmwareqca6574_firmwaresd_8_gen1_5g_firmwarewsa8845_firmwareqam8295p_firmwaresa9000p_firmwareqca6574a_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarefastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwarewcn3980_firmwaresnapdragon_680_4g_mobile_platform_firmwaresa8620p_firmwaresa6155p_firmwareqcm8550_firmwareqcm4490_firmwareqca6678aq_firmwareqcs4490_firmwaresa8775p_firmwareqcm6490_firmwarewsa8840_firmwaresa8650p_firmwarewsa8832_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcs8550_firmwarewcn3988_firmwareqca6797aq_firmwaresa8155p_firmwaresa7775p_firmwarefastconnect_6700_firmwaresa7255p_firmwarewsa8810_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwarevision_intelligence_400_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwarewsa8815_firmwaresxr2250p_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwareqam8620p_firmwaresa8295p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmware
CWE ID-CWE-416
Use After Free
CVE-2024-33060
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.21% / 42.53%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 10:22
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Service

Memory corruption when two threads try to map and unmap a single node simultaneously.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwareqcm8550_firmwareqcs410_firmwaresd865_5gsa6150p_firmwaresw5100psxr1120qca6595qcs610_firmwarewcd9335wcd9370qca8081_firmwaresnapdragon_670_mobilesnapdragon_x50_5g_modem-rf_systemqam8620p_firmwareqca6696wcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilesnapdragon_auto_4gwcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilevision_intelligence_200_firmwaresnapdragon_685_4g_mobilesa4150psnapdragon_782g_mobile_firmwarewsa8832_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqca8337qdu1110qca6426_firmwarewcd9395qca6574au_firmwaresnapdragon_690_5g_mobile_firmwareqca6564_firmwaresm6370qam8295psnapdragon_x12_lte_firmwarewcd9341sd626_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca6574ausnapdragon_820_automotivewcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmware315_5g_iot_firmwaresd730_firmwarewsa8810_firmwarewsa8845h_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hwcn3660b_firmwaresd730snapdragon_820_automotive_firmwarefastconnect_6800_firmwareqcs5430snapdragon_690_5g_mobilesd835_firmwareqcn6024_firmwaresdx20mqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770pqcm6125_firmwarec-v2x_9150snapdragon_678_mobile_firmwaressg2115pqcc710snapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresnapdragon_x72_5g_modem-rf_systemsxr1120_firmwareqsm8350_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformqru1032_firmwareqep8111sa7255psm8635qfw7114snapdragon_730_mobile_firmwarewcd9385_firmwarevision_intelligence_200snapdragon_x55_5g_modem-rf_systemqca6310qam8255p_firmwaresa8155_firmwarewcd9360sdx61qcs4490snapdragon_730_mobilemdm9250snapdragon_680_4g_mobilewsa8845sa6155pqcm6125qca6564au_firmwaresnapdragon_429_mobile_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqdu1000_firmwaresrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesxr2250p_firmwaresm7315_firmwareqdu1010snapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewcd9326_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesd835qdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresnapdragon_4_gen_2_mobile_firmwareqca6436_firmwareqcn9012mdm9650_firmwaresnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x20_ltesnapdragon_7c\+_gen_3_compute_firmwarewcn3910_firmwaresm4125_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileqca6420wcn3910wcd9370_firmwaremdm9250_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqdu1110_firmwareqdu1000wcn3660bqca6574asa7255p_firmwaresnapdragon_8\+_gen_2_mobilewcn3620_firmwareqca6174asa8195pwcd9340qcs8250_firmwareqcm2290qdu1210talynplussnapdragon_auto_5g_modem-rf_gen_2snapdragon_835_mobile_pc_firmwareqcm6490sm8550p_firmwaresxr2250pqcm8550wcn3988snapdragon_765_5g_mobile_firmwaresm6370_firmwaresnapdragon_662_mobileqcn9024sa8775pqca6574snapdragon_x75_5g_modem-rf_system215_mobilesxr2230p_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwareqcn9011sa8775p_firmwareqamsrv1hsmart_audio_400qcn9024_firmwarewsa8845hsa6150pwcd9326qcs410qcm2290_firmwarevision_intelligence_100sa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830smart_display_200_firmwaresm8550psa6145pqcn9074_firmwaresnapdragon_768g_5g_mobile_firmwaresa8255p_firmwarear8035qamsrv1m_firmwaremsm8996ausnapdragon_4_gen_2_mobileqca6564qrb5165m_firmwaresa8650p_firmwarewcn3620sa6155qcm4325srv1l_firmwareqcn6224snapdragon_865\+_5g_mobile_firmwaresnapdragon_429_mobileqca6698aqwcn3950_firmwaresa7775p_firmwaresm6250qrb5165nssg2125p_firmwaresnapdragon_480\+_5g_mobilefastconnect_6200sd670wcn3680bsm7325p_firmwaresa8145p_firmwarewcd9360_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_660_mobile_firmwareqdx1011sa8150p_firmwarefastconnect_6700_firmwaresnapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490qcs8250snapdragon_695_5g_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarear8031_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqcn6224_firmwarevision_intelligence_100_firmwareqca6678aq_firmwarewsa8845_firmwaresd660_firmwarewsa8832sdx61_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresrv1lsxr2130_firmwaresrv1mqca6678aqsnapdragon_860_mobile_firmwarear8035_firmwaresnapdragon_778g\+_5g_mobileqrb5165mqca6320sa4150p_firmwaresd888_firmwareqcm2150qca6564auqcs6125_firmwareqcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwaresnapdragon_auto_4g_firmwareqcm4290snapdragon_x12_ltear8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresnapdragon_xr2\+_gen_1sm7250p_firmwarewcn3680_firmwaresm4125qcm4490_firmwareqru1032vision_intelligence_400_firmwarewcn3950qcs6125flight_rb5_5gsnapdragon_870_5g_mobile_firmwaresnapdragon_730g_mobile_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computetalynplus_firmwaresnapdragon_732g_mobilesnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresmart_audio_400_firmwaresnapdragon_870_5g_mobilesnapdragon_678_mobilesa4155p_firmwaresnapdragon_720g_mobilesm7250psm6250_firmwaresa8155qca6584ausd888qca6320_firmwareqcn6274_firmwarewcn6755_firmwareqcn9011_firmwareqru1062_firmwaresnapdragon_675_mobile_firmwaresw5100_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwareqru1062qca6310_firmwaresd626fastconnect_6800snapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqcs7230qca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_x62_5g_modem-rf_systemsnapdragon_xr2_5gsa8150pwcn6755msm8996au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x35_5g_modem-rf_systemsxr1230psw5100video_collaboration_vc3_platformaqt1000snapdragon_4_gen_1_mobile_firmwareqcm2150_firmwaresnapdragon_x20_lte_firmware215_mobile_firmwarec-v2x_9150_firmwareqca6688aqqam8295p_firmwaresd855wcn3990_firmwaresm7315snapdragon_660_mobileqca6698aq_firmwareqcs2290qca6564a_firmwaresdx20m_firmwaresnapdragon_888\+_5g_mobileqcs2290_firmwareqsm8350snapdragon_xr2\+_gen_1_firmwarewcn3615wcd9385snapdragon_8_gen_1_mobilesnapdragon_680_4g_mobile_firmwarewcn3680sa8255pqcs7230_firmwareqcs4290sxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqca6430snapdragon_855\+_mobilesg8275pmdm9650qdx1011_firmwaresnapdragon_765_5g_mobilesnapdragon_860_mobilesnapdragon_auto_5g_modem-rfsdx55_firmwarewcn3615_firmwareflight_rb5_5g_firmwaressg2125pqru1052sxr2130qcm4490csra6640_firmwaresnapdragon_480\+_5g_mobile_firmwareqamsrv1mrobotics_rb5qca6174a_firmwaresm7325psnapdragon_732g_mobile_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformsnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemsdm429wqam8620psd855_firmwareqrb5165n_firmwareqca6436wcd9335_firmwarewcn3980_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqca6584au_firmwareqcn6274qfw7124qdu1010_firmwareqca6595au_firmwaresw5100p_firmwareqcs610qca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620sd660qca8081mdm9628wsa8815sg4150pqam8775pqca9377snapdragon_ar2_gen_1_firmwaresd_8_gen1_5gqca6797aqmdm9628_firmwareqcm4325_firmwaresa8620psnapdragon_4_gen_1_mobileqca6574a_firmwaresdx55qcm4290_firmwaresnapdragon_720g_mobile_firmwaresnapdragon_865_5g_mobilesnapdragon_835_mobile_pcsnapdragon_855\+_mobile_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_x62_5g_modem-rf_system_firmwaresnapdragon_710_mobileqcn9012_firmwareqcs5430_firmwaresg4150p_firmwareqru1052_firmwaresa8770p_firmwarecsra6620_firmwaresa8295psnapdragon_x50_5g_modem-rf_system_firmwareqcs8550fastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresnapdragon_8\+_gen_2_mobile_firmwaresnapdragon_xr1wcd9375qca6688aq_firmwaresnapdragon_ar2_gen_1snapdragon_765g_5g_mobilewcn3988_firmware315_5g_iotqamsrv1h_firmwaresa8145psnapdragon_8\+_gen_1_mobile_firmwarevision_intelligence_400wsa8835_firmwaressg2115p_firmwaresmart_display_200snapdragon_x75_5g_modem-rf_system_firmwarewcn3980qdx1010wcn3680b_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmware315_5g_iot_modem_firmwareqcs2290_firmwaresg8275p_firmwaremdm9628_firmwaresnapdragon_820_automotive_platform_firmwarewcd9360_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwaresnapdragon_x20_lte_modem_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwarewcn6755_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwarewcn3990_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwarewcn3615_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwareqca6320_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_835_mobile_pc_platform_firmwareqca8081_firmwaresa6155_firmwarewcd9375_firmwaresm7250p_firmwarewcn3680b_firmwarewsa8845h_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwaresa8155_firmwareqcs8550_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwaresd626_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwaresa8770p_firmwareqam8775p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwareqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresm6250_firmwareqcc710_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwaresa8295p_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwaresnapdragon_750g_5g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwareqcm2150_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwaremsm8996au_firmwareqcs7230_firmwareqdu1010_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwaresxr1230p_firmwareqdu1110_firmwaresdm429w_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwaresm8635_firmwarec-v2x_9150_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwareqru1032_firmwaremdm9650_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareaqt1000_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcs4490_firmwarear8031_firmwareqcm6490_firmwarewcn3680_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqca6564a_firmwareqcn9024_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresdx20m_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresrv1m_firmwarequalcomm_215_mobile_platform_firmwaresd835_firmwareqam8650p_firmwareqca6564_firmwareqca6595_firmwaresnapdragon_720g_mobile_platform_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresdx61_firmwaressg2115p_firmwaresw5100_firmwareqcn9074_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-416
Use After Free
CVE-2024-33033
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 26.89%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-08 Nov, 2024 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in ComputerVision

Memory corruption while processing IOCTL calls to unmap the buffers.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800wsa8830wcd9380_firmwaresm7550qcm8550_firmwarewcd9378_firmwarewcn6650_firmwarewsa8840_firmwarewsa8832_firmwarefastconnect_6900sg8275p_firmwareqcm8550fastconnect_6900_firmwareqcs8550_firmwarewcn6650sg8275_firmwarewcn7880_firmwaresm7525wsa8840wsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarewcd9380wcn6755_firmwaresnapdragon_8\+_gen_2_mobile_platformfastconnect_7800_firmwarewsa8845hwsa8832wcn6755wcd9395_firmwarewcd9370sm8550psm7525_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcd9385sg8275psnapdragon_8_gen_2_mobile_platformwcd9395wcd9371wcd9371_firmwarewcd9385_firmwarewsa8845qcs8550wcd9375wcd9370_firmwaresm8550p_firmwarewcd9390wcd9390_firmwarewsa8830_firmwarewsa8845_firmwaresm7550_firmwarewsa8835_firmwaresg8275wsa8845h_firmwarewcd9375_firmwarewcd9378wcn7880Snapdragonsm7525_firmwarewcd9380_firmwareqcm8550_firmwarewcd9378_firmwarewcn6650_firmwarewsa8832_firmwarewsa8840_firmwarewcd9371_firmwaresg8275p_firmwarewcd9385_firmwarefastconnect_6900_firmwareqcs8550_firmwarewcd9370_firmwaresm8550p_firmwaresg8275_firmwarewcd9390_firmwarewcn7880_firmwarewsa8830_firmwarewsa8845_firmwaresm7550_firmwarewsa8835_firmwarefastconnect_7800_firmwarewcn6755_firmwarewcd9375_firmwarewsa8845h_firmwarewcd9395_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-416
Use After Free
CVE-2024-33023
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.15% / 35.89%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-20 Nov, 2024 | 19:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics Linux

Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqam8255p_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqcs610qca8337sg8275p_firmwareqam8775psnapdragon_778g\+_5g_mobile_platformqamsrv1msnapdragon_870_5g_mobile_platform_firmwaresnapdragon_888_5g_mobile_platformwsa8840wcn3950_firmwaresa8150p_firmwareqca6595au_firmwarevideo_collaboration_vc3_platformsnapdragon_480_5g_mobile_platformcsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqam8295pwcn3950qcn6024_firmwaremdm9628sd_8_gen1_5g_firmwareqsm8350_firmwaresnapdragon_460_mobile_platformqsm8350snapdragon_660_mobile_platform_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwareqca8081_firmwarewcd9375_firmwaresnapdragon_782g_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwareqca6698aqqcs6125sa4155p_firmwaresa7775p_firmwaresnapdragon_8\+_gen_1_mobile_platformsnapdragon_780g_5g_mobile_platformsw5100qca6436sa6155pqca6698aq_firmwaresxr2250pwcd9341qam8775p_firmwaresa8255pqca6696_firmwaresnapdragon_x12_lte_modemqca6797aqsa8150probotics_rb5_platformwsa8830_firmwaresd660sd865_5g_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988sd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresa8295p_firmwaresa8770pqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaressg2125psw5100psnapdragon_w5\+_gen_1_wearable_platformqcm8550qca6564auqca6574snapdragon_7c\+_gen_3_computewcd9380snapdragon_782g_mobile_platformfastconnect_6700qcs410sxr1230pvideo_collaboration_vc3_platform_firmwaresg8275pqcn9012_firmwaresm6370_firmwarewcd9335_firmwarewcn3980wsa8845qcm4325_firmwarewsa8815snapdragon_865\+_5g_mobile_platformsnapdragon_4_gen_1_mobile_platformqcs8250qca6426_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareqcn9024wcn3980_firmwaresa8295pwcn6740_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformqca6678aqsnapdragon_x65_5g_modem-rf_systemsa8650p_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_660_mobile_platformqca6797aq_firmwaresrv1lqcn9024_firmwareqca6564a_firmwaresa7255p_firmwaresnapdragon_8\+_gen_2_mobile_platformsa8620pwsa8832sw5100p_firmwaresa8540pqcs610_firmwareqamsrv1m_firmwareqcm5430sa6145pqcs4490qca6595_firmwaresa8145pwcd9395qcs5430_firmwaresnapdragon_888\+_5g_mobile_platform_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwaresd888_firmwaresa8155pcsra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mssg2115p_firmwareqam8620p_firmwareqam8255psa4155par8035_firmwaresnapdragon_480\+_5g_mobile_platformtalynplus_firmwarewsa8830snapdragon_662_mobile_platform_firmwaresxr2230p_firmwaresa8145p_firmwareqam8650pmdm9628_firmwareflight_rb5_5g_platformsnapdragon_865_5g_mobile_platformcsra6620flight_rb5_5g_platform_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwarewcd9370ssg2115psnapdragon_480\+_5g_mobile_platform_firmwareqca6426wcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqca9377qamsrv1hsa8530pwcd9385_firmwaretalynplusfastconnect_6200qamsrv1h_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresnapdragon_778g_5g_mobile_platformsa7255psnapdragon_4_gen_2_mobile_platformwsa8845h_firmwaresnapdragon_8_gen_3_mobile_platformqca6595auqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqrb5165nsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_870_5g_mobile_platformsa8775p_firmwareqcs6490video_collaboration_vc5_platformqcs8550_firmwarewcn3988_firmwaresrv1hsa6145p_firmwarefastconnect_6700_firmwaresa8195pwsa8810_firmwarevision_intelligence_400_platformwsa8845hsnapdragon_x62_5g_modem-rf_systemwcd9395_firmwarewcd9335snapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresg4150pqcs7230qca8081qcm4490snapdragon_888\+_5g_mobile_platformsa7775pqam8620pqca6174a_firmwareqcs5430sa8770p_firmwarewcd9385qcs6490_firmwaresnapdragon_x12_lte_modem_firmwarear8035wcd9375wcd9390vision_intelligence_400_platform_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformwsa8815_firmwareqcm6490wsa8835_firmwarevideo_collaboration_vc5_platform_firmwaresxr2250p_firmwareqca6564asa4150psnapdragon_8_gen_2_mobile_platform_firmwaresg4150p_firmwareqcm6125_firmwareqcm4325robotics_rb5_platform_firmwarewcn3990sd865_5gfastconnect_6800qca6595qcs7230_firmwareqcn9012sd888sa8530p_firmwarewsa8835sxr1230p_firmwaresa8540p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqca6574asmart_audio_400_platformqca6174asm7325psa8650psa9000pqca6574_firmwaresm7325p_firmwaresxr2230pwsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresa8775pfastconnect_6200_firmwareqrb5165msm7315qca6391fastconnect_7800snapdragon_865\+_5g_mobile_platform_firmwareqcm4490_firmwareqcm6490_firmwarewsa8832_firmwaresrv1h_firmwareqcn9011video_collaboration_vc1_platform_firmwareqca6574ausa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810sm8550psnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_680_4g_mobile_platformsm6370srv1m_firmwaresnapdragon_ar2_gen_1_platformqam8650p_firmwarewcn6740qca6696qcs8550sa6150psnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareqcn6024snapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwareqcs410_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwaresg8275p_firmwaremdm9628_firmwareflight_rb5_5g_platform_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6595au_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3990_firmwareqrb5165n_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwareqcs8550_firmwarewcn3988_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqca6698aq_firmwareqca6174a_firmwaresa8770p_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresa8295p_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqcs7230_firmwaresa8530p_firmwaresxr1230p_firmwaresa8540p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqcn9012_firmwaresm6370_firmwarewcd9335_firmwareqcm4325_firmwareqca6574_firmwaresm7325p_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwarewcn6740_firmwareqcm4490_firmwareqcs4490_firmwareqcm6490_firmwaresa8650p_firmwarewsa8832_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqca6564a_firmwareqcn9024_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaressg2115p_firmwaresw5100_firmwareqam8620p_firmwareqcs410_firmwarear8035_firmware
CWE ID-CWE-416
Use After Free
CVE-2024-33028
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.20% / 41.95%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-20 Nov, 2024 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Telematics

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca9377_firmwaresa6150p_firmwareqcs610qca8337qfw7124sg8275p_firmwareqam8775pqamsrv1mqru1052wsa8840wcn3950_firmwaresa8150p_firmwareqca6595au_firmwarevideo_collaboration_vc3_platformsnapdragon_480_5g_mobile_platformcsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqam8295pwcn3950mdm9628qca6688aqsnapdragon_460_mobile_platformsnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca9367_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwareqca6698aqqcs6125sa4155p_firmwareqru1062_firmwaresa7775p_firmwarewcd9340sw5100sa6155pqdu1000_firmwareqca6698aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341qam8775p_firmwaresa8255pqca6696_firmwareqca6797aqqru1052_firmwaresa8150pqcc710_firmwarerobotics_rb5_platformwsa8830_firmwarewcn3988snapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresa8295p_firmwaresa8770pqca8337_firmwarewcd9380_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformqca6564auqcm8550qca6574qdu1110_firmwarewcd9380fastconnect_6700snapdragon_x72_5g_modem-rf_system_firmwareqcs410video_collaboration_vc3_platform_firmwaresg8275pqcn9012_firmwarewcd9335_firmwareqfw7114_firmwarewcn3980wsa8845qcm4325_firmwarewcd9340_firmwarewsa8815snapdragon_4_gen_1_mobile_platformqcs8250wcn3980_firmwaresa8295pqca6678aqsa8650p_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqdu1010srv1lqdx1011_firmwareqca6564a_firmwaresa7255p_firmwaresnapdragon_8\+_gen_2_mobile_platformsa8620pqdx1010_firmwaresa8540psw5100p_firmwareqcs610_firmwareqamsrv1m_firmwareqcm5430sa6145pqcc710qca6595_firmwaresa8145pwcd9395qcs5430_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwareqdx1010sa8155pcsra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mqam8620p_firmwareqfw7124_firmwareqam8255psa4155pqep8111qdu1210_firmwarear8035_firmwaresnapdragon_480\+_5g_mobile_platformsnapdragon_662_mobile_platform_firmwarewsa8830sa8145p_firmwareqam8650pmdm9628_firmwareflight_rb5_5g_platformcsra6620flight_rb5_5g_platform_firmwareqcn6224_firmwaresrv1l_firmwarewcd9370snapdragon_480\+_5g_mobile_platform_firmwareqca6584au_firmwareqdu1110qrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformwcn3990_firmwareqca9377qamsrv1hsa8530pwcd9385_firmwarefastconnect_6200qamsrv1h_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresa7255pqca6595ausnapdragon_8_gen_3_mobile_platformwsa8845h_firmwareqfw7114snapdragon_680_4g_mobile_platform_firmwareqrb5165nsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwareqca6584ausa6155p_firmwaresa8620p_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsa8775p_firmwareqcs6490qca9367video_collaboration_vc5_platformqcs8550_firmwarewcn3988_firmwaresa6145p_firmwaresrv1hfastconnect_6700_firmwaresa8195pwsa8810_firmwareqcn6224vision_intelligence_400_platformwsa8845hwcd9395_firmwaresa8255p_firmwaresg4150pqcs7230snapdragon_x75_5g_modem-rf_systemqca8081wcd9335snapdragon_x35_5g_modem-rf_systemsnapdragon_auto_5g_modem-rf_gen_2sa7775pqam8620pqca6174a_firmwareqcs5430sa8770p_firmwarewcd9385qcs6490_firmwarear8035wcd9375wcd9390vision_intelligence_400_platform_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformqcm6490wsa8815_firmwarewsa8835_firmwarevideo_collaboration_vc5_platform_firmwareqca6564asa4150psg4150p_firmwareqca6688aq_firmwareqcm6125_firmwareqcm4325snapdragon_8_gen_2_mobile_platform_firmwarerobotics_rb5_platform_firmwarewcn3990qca6595qru1032qcs7230_firmwareqcn9012qdu1010_firmwaresa8530p_firmwareqdx1011qdu1000wsa8835sa8540p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresnapdragon_auto_5g_modem-rfqcn6274snapdragon_4_gen_1_mobile_platform_firmwareqca6574asmart_audio_400_platformqca6174aqru1062sa8650psa9000pqca6574_firmwareqru1032_firmwarewsa8845_firmwareqca6574a_firmwarefastconnect_6200_firmwaresa8775pqrb5165mqca6391fastconnect_7800snapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcm6490_firmwaresrv1h_firmwareqcn9011video_collaboration_vc1_platform_firmwareqca6574ausa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810sm8550psnapdragon_680_4g_mobile_platformsrv1m_firmwareqam8650p_firmwareqca6696qcs8550sa6150psnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareqdu1210sw5100_firmwareqcs410_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresg8275p_firmwaremdm9628_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwarewcn3950_firmwaresrv1l_firmwaresa8150p_firmwareqca6595au_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwarewcn3990_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqamsrv1h_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca9367_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcm8550_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwareqcs8550_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9395_firmwaresa8255p_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqru1052_firmwareqcc710_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresa8295p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwareqcs7230_firmwareqdu1010_firmwaresa8530p_firmwareqdu1110_firmwaresa8540p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqcn9012_firmwarewcd9335_firmwareqfw7114_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwareqru1032_firmwarewsa8845_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcm6490_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqca6564a_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresw5100_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmware
CWE ID-CWE-416
Use After Free
CVE-2024-33059
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.18%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 10:33
Updated-10 Jan, 2025 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Computer Vision

Memory corruption while processing frame command IOCTL calls.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sg8275psg8275p_firmwarewcd9380_firmwarewcd9385_firmwaresnapdragon_8_gen_2_mobilewcd9395fastconnect_7800wsa8845hwsa8840wcd9390_firmwareqcs8550_firmwareqcs8550wcd9385snapdragon_8_gen_2_mobile_firmwarewcd9380wcd9390sm8550pwcd9395_firmwarewsa8845fastconnect_6900_firmwareqcm8550_firmwaresnapdragon_8\+_gen_2_mobilewsa8845_firmwarefastconnect_6900wsa8845h_firmwarefastconnect_7800_firmwareqcm8550wsa8840_firmwaresnapdragon_8\+_gen_2_mobile_firmwaresnapdragon_8_gen_3_mobilesnapdragon_8_gen_3_mobile_firmwaresm8550p_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-31339
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 20:11
Updated-17 Dec, 2024 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions of StatsService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-416
Use After Free
CVE-2024-31960
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 50.34%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 00:00
Updated-24 Sep, 2024 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference count bug. This can lead to a use after free.

Action-Not Available
Vendor-n/aSamsungSamsung Electronics
Product-exynos_1480exynos_1480_firmwareexynos_2400_firmwareexynos_2400n/aexynos
CWE ID-CWE-416
Use After Free
CVE-2024-31083
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.01%
||
7 Day CHG~0.00%
Published-05 Apr, 2024 | 12:04
Updated-20 Nov, 2025 | 07:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Xorg-x11-server: use-after-free in procrenderaddglyphs

A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8.2 Telecommunications Update ServiceRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8.4 Update Services for SAP SolutionsRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat Enterprise Linux 8.4 Telecommunications Update ServiceRed Hat Enterprise Linux 9.0 Extended Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSIONRed Hat Enterprise Linux 8.2 Update Services for SAP Solutions
CWE ID-CWE-416
Use After Free
CVE-2025-59236
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.4||HIGH
EPSS-0.11% / 28.75%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:00
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-office_online_server365_appsoffice_long_term_servicing_channelofficeMicrosoft 365 Apps for EnterpriseMicrosoft Office 2019Microsoft Office LTSC for Mac 2021Microsoft Office LTSC 2024Microsoft Office LTSC for Mac 2024Microsoft Office LTSC 2021Office Online Server
CWE ID-CWE-416
Use After Free
CVE-2024-30035
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.63% / 85.48%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 16:57
Updated-03 May, 2025 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows DWM Core Library Elevation of Privilege Vulnerability

Windows DWM Core Library Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2022_23h2windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_11_23h2Windows 11 version 22H3Windows Server 2019Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2024-43057
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.86%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in MProc

Memory corruption while processing command in Glink linux.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gimmersive_home_214qcn9000_firmwareipq9574qcn6102_firmwaresw5100pqcn9022qcs610_firmwareipq6028_firmwarewcd9370qca8081_firmwaresnapdragon_429_firmwareqca8072qca6696wcd9340_firmwarewcd9341_firmwareipq5028_firmwareqcn6024qcc710_firmwareipq8076qca6426qcn6422_firmwareipq6018_firmwareqcn6023qcn5124_firmwaresnapdragon_888_5gqca8337qca6426_firmwareipq6000ipq9048ipq8078aqca6574au_firmwareipq8078a_firmwareqam8295pwcd9341ipq5312qca6574auwsa8810_firmwaresnapdragon_429qcn9100_firmwaresnapdragon_865\+_5gwcn3660b_firmwareqcn5122fsm20055fastconnect_6800_firmwaresnapdragon_865\+_5g_firmwareqcn6024_firmwaresnapdragon_x65_5gvideo_collaboration_vc1_platform_firmwaresnapdragon_888\+_5g_firmwarec-v2x_9150qcn9000qcc710qcn6132_firmwaresnapdragon_xr2_5g_firmwareqsm8250_firmwareqcn5054qcn6402fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqcn6432video_collaboration_vc1_platformimmersive_home_326_firmwareipq5332_firmwareqcn5052fsm10056_firmwaresnapdragon_x72_5gqfw7114wcd9385_firmwareipq9574_firmwareipq8074a_firmwareipq8076aqcn5164sa6155pqcn6100_firmwareqcn9160csr8811_firmwarewsa8810qca8075qcn5021qsm8250qca8085qcn6100snapdragon_865_5g_firmwaresa6155p_firmwareqfw7124_firmwareqca6436_firmwareqcn9012qcn9070ipq8070a_firmwareqcn5021_firmwareqcf8001qca8084sdx65mwcd9370_firmwareqca9367wcn3660bipq9570wcn3620_firmwaresa8195pqca6174awcd9340snapdragon_auto_5g_modem-rf_gen_2ipq5302qcn6122_firmwareqcn5154_firmwareipq9048_firmwaresnapdragon_x55_5g_firmwarewcn3988fsm20055_firmwareqcn5122_firmwareqcn9274qcn9024pmp8074ipq8076a_firmwareipq9570_firmwareqcn6412_firmwareqcn9024_firmwareqca8082sa6150pqcs410sa8155p_firmwaresa8155pqca8072_firmwarewsa8830snapdragon_870_5g_firmwareipq5312_firmwareqcf8000_firmwaresa6145psnapdragon_x65_5g_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122ipq8174_firmwaresnapdragon_888\+_5gsnapdragon_x75_5gar8035ipq8072aimmersive_home_216_firmwarewcn3620snapdragon_x72_5g_firmwareimmersive_home_316qcf8000sfp_firmwareqcn6224ipq8071aqcn6112qca6698aqqxm8083wcn3950_firmwarewcn3680bsa8145p_firmwaresa8150p_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwareipq8078qcn5152_firmwareipq9554_firmwarewsa8830_firmwareqcn9072qcn6224_firmwareqca8386_firmwareqca8082_firmwareimmersive_home_216sxr2130_firmwareqcn6432_firmwarear8035_firmwareqcn5022_firmwareqca4024_firmwareqca0000_firmwarefsm20056ipq9008ipq9554ipq9008_firmwareqcn9074ipq5300_firmwarewsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwareqcn5054_firmwareqca9888ipq5332qca9377_firmwareipq8173ipq8072a_firmwareipq6010_firmwarewcn3950qcn6112_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq5028qca8085_firmwareqcn9070_firmwareqcf8001_firmwaresa8295p_firmwareqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qcn9160_firmwareqcn6102qcn6274_firmwareqca6584aufsm10056sw5100_firmwarefsm20056_firmwareqfw7114_firmwarefastconnect_6800qca4024fastconnect_7800_firmwareqcn6422immersive_home_214_firmwareqxm8083_firmwareipq5302_firmwareipq5300ipq8070afastconnect_6900_firmwarewcd9380sa6145p_firmwaresnapdragon_xr2_5gsa8150pimmersive_home_3210qca8075_firmwaresnapdragon_888_5g_firmwareqcf8000qcn5052_firmwareipq6010sdx65m_firmwarevideo_collaboration_vc3_platformsw5100c-v2x_9150_firmwareqam8295p_firmwareqcn6402_firmwaresnapdragon_8_gen_1_firmwareqca6698aq_firmwarewcd9385qca9367_firmwareqca8084_firmwaresnapdragon_8_gen_1qcn5024sdx55_firmwareimmersive_home_326snapdragon_x55_5gipq8071a_firmwaresxr2130ipq6028snapdragon_870_5gqcn9100qca6174a_firmwaresdm429wipq8076_firmwarewcn3980_firmwareqcn6274qca6436qfw7124snapdragon_w5\+_gen_1_wearablewsa8835qca6584au_firmwareqca6391_firmwareqca0000sw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca8081wsa8815qcn5124qca9377qcn5152qcn6412sdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_3210_firmwareqca9889qcn5024_firmwareqca8386qca6391snapdragon_x75_5g_firmwareimmersive_home_318ipq5010qcn9274_firmwareqcn9012_firmwareipq8173_firmwaresa8295pipq6000_firmwarefastconnect_7800sd865_5g_firmwarepmp8074_firmwareipq8078_firmwareqca9889_firmwarewcn3988_firmwareimmersive_home_316_firmwareqcn5154sa8145pwsa8835_firmwarecsr8811qcn5022wcn3980wcn3680b_firmwareqcf8000sfpqcs610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-30028
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.35% / 57.02%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 16:57
Updated-03 May, 2025 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 22H3Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2016Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows 10 Version 21H2Windows 10 Version 1607Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2025-59290
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 28.75%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:00
Updated-22 Feb, 2026 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Bluetooth Service Elevation of Privilege Vulnerability

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_22h2windows_11_24h2windows_10_21h2windows_11_23h2windows_server_2022windows_10_22h2windows_server_2022_23h2windows_server_2025Windows Server 2025Windows Server 2022Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows 11 Version 23H2Windows 11 version 22H2Windows 10 Version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2024-30049
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.64% / 70.30%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 16:57
Updated-03 May, 2025 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 22H3Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2016Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows 10 Version 21H2Windows 10 Version 1607Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2024-30089
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.30% / 84.53%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 16:59
Updated-17 Dec, 2025 | 22:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Streaming Service Elevation of Privilege Vulnerability

Microsoft Streaming Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2022_23h2windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_11_23h2Windows 10 Version 1809Windows Server 2019 (Server Core installation)Windows 11 version 22H3Windows Server 2022Windows 11 Version 23H2Windows 10 Version 22H2Windows Server 2019Windows 11 version 22H2Windows 11 version 21H2Windows 10 Version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-30082
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.23% / 45.86%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 16:59
Updated-17 Dec, 2025 | 22:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 10 Version 1809Windows Server 2019 (Server Core installation)Windows 10 Version 1607Windows Server 2016 (Server Core installation)Windows 11 version 22H3Windows Server 2022Windows Server 2008 R2 Service Pack 1Windows 11 version 22H2Windows Server 2012Windows 11 version 21H2Windows Server 2008 Service Pack 2Windows Server 2012 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 1507Windows 11 Version 23H2Windows 10 Version 22H2Windows Server 2019Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-29787
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.4||HIGH
EPSS-0.03% / 8.73%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 21:01
Updated-02 Aug, 2024 | 01:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In lwis_process_transactions_in_queue of lwis_transaction.c, there is a possible use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-416
Use After Free
CVE-2024-30032
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.63% / 85.48%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 16:57
Updated-03 May, 2025 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows DWM Core Library Elevation of Privilege Vulnerability

Windows DWM Core Library Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 22H3Windows Server 2019Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 1607Windows Server 2016 (Server Core installation)Windows Server 2016Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 1507Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2025-58728
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 28.75%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:00
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Bluetooth Service Elevation of Privilege Vulnerability

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2windows_11_25h2windows_10_1809windows_server_2022_23h2windows_server_2025windows_11_23h2windows_10_21h2windows_11_22h2windows_10_22h2windows_server_2019Windows Server 2019 (Server Core installation)Windows 11 Version 25H2Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-30086
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.48% / 64.77%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 16:59
Updated-17 Dec, 2025 | 22:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 10 Version 1809Windows Server 2019 (Server Core installation)Windows 10 Version 1607Windows Server 2016 (Server Core installation)Windows 11 version 22H3Windows Server 2022Windows 11 version 22H2Windows Server 2012Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 1507Windows 11 Version 23H2Windows 10 Version 22H2Windows Server 2019Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-28951
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 26.53%
||
7 Day CHG~0.00%
Published-02 Apr, 2024 | 06:23
Updated-24 Jan, 2025 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arkcompiler runtime has a use after free vulnerability

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmonyopenharmony
CWE ID-CWE-416
Use After Free
CVE-2024-2937
Matching Score-4
Assigner-Arm Limited
ShareView Details
Matching Score-4
Assigner-Arm Limited
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.83%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 11:31
Updated-30 Sep, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_driver5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverBifrost GPU Kernel DriverArm 5th Gen GPU Architecture Kernel DriverValhall GPU Kernel Driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_driver5th_gen_gpu_architecture_kernel_driver
CWE ID-CWE-416
Use After Free
CVE-2020-27044
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.21%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 16:05
Updated-04 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In restartWrite of Parcel.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157066561

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-27217
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 28.92%
||
7 Day CHG~0.00%
Published-07 May, 2024 | 06:26
Updated-02 Jan, 2025 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MSDP has a use after free vulnerability

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmonyopenharmony
CWE ID-CWE-416
Use After Free
CVE-2024-26230
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-49.02% / 97.72%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 17:01
Updated-03 May, 2025 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Telephony Server Elevation of Privilege Vulnerability

Windows Telephony Server Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 22H3Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2016Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows 10 Version 21H2Windows 10 Version 1607Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-416
Use After Free
CVE-2024-26237
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.63% / 70.00%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 17:00
Updated-03 May, 2025 | 00:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Defender Credential Guard Elevation of Privilege Vulnerability

Windows Defender Credential Guard Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2022_23h2windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_11_23h2Windows 11 version 22H3Windows Server 2019Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2024-26182
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.15% / 84.04%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 16:58
Updated-03 May, 2025 | 00:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_10_22h2windows_server_2019windows_10_1607Windows Server 2019Windows 10 Version 21H2Windows 10 Version 1607Windows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2025-54912
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.04%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:01
Updated-20 Feb, 2026 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows BitLocker Elevation of Privilege Vulnerability

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2022windows_11_22h2windows_11_24h2windows_10_22h2windows_10_1607windows_10_21h2windows_11_23h2windows_server_2008windows_server_2012windows_server_2016windows_server_2019windows_server_2025windows_server_2022_23h2windows_10_1809Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-23354
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.13% / 33.05%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics Linux

Memory corruption when the IOCTL call is interrupted by a signal.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwaresw5100pwsa8845_firmwarewsa8832qca6595srv1mwcd9370qca6696wcd9395_firmwaresnapdragon_8\+_gen_1_mobilefastconnect_6700snapdragon_685_4g_mobilewsa8815_firmwarewsa8832_firmwaresa8195p_firmwarewcd9395sg8275p_firmwareqca6574au_firmwareqcm4490_firmwareqca6574auwcd9390sa8620p_firmwarewcn3950wsa8810_firmwarewsa8845h_firmwareflight_rb5_5gsa9000p_firmwaresrv1hqca6797aq_firmwaretalynplus_firmwaresa8770pssg2115psw5100_firmwareqca6595_firmwareqcs7230fastconnect_6900fastconnect_7800_firmwaresnapdragon_w5\+_gen_1_wearable_firmwaresa7255pwcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pqcs4490snapdragon_680_4g_mobilewsa8845sa6155psxr1230pwsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresw5100qca6595ausxr2250p_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_8_gen_2_mobile_firmwareqca6698aq_firmwaresnapdragon_4_gen_2_mobile_firmwarewcd9385snapdragon_8_gen_1_mobileqcs4490_firmwaresnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobilesg8275pwcd9370_firmwareflight_rb5_5g_firmwaressg2125psa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobileqcm4490sa8195pqamsrv1mrobotics_rb5talynplusqam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwaresxr2250pqcm8550wcn3988qrb5165n_firmwareqca6574sa8775pwsa8835qca6595au_firmwareqca6391_firmwaresxr2230p_firmwarewsa8840_firmwaresw5100p_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwarewsa8845hwcd9380_firmwareqca6574_firmwaresa8155p_firmwarewsa8815sg4150psa8155psd_8_gen1_5gwsa8830qam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresm8550pqcm4325_firmwaresa8620psa8255p_firmwareqca6574a_firmwareqamsrv1m_firmwaresnapdragon_4_gen_2_mobilesa8650p_firmwareqcm4325sd_8_gen1_5g_firmwarewcd9375_firmwareqca6391qca6698aqsg4150p_firmwaressg2125p_firmwarewcn3950_firmwaresa8770p_firmwareqrb5165nqcs8550fastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_ar2_gen_1wcn3988_firmwarefastconnect_6700_firmwareqamsrv1h_firmwaresnapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwaressg2115p_firmwarewsa8830_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqam8255p_firmwarerobotics_rb5_platform_firmwaresa6155p_firmwaresa8620p_firmwareqcm4490_firmwareqcm8550_firmwareqcs4490_firmwaresa8775p_firmwaresa8650p_firmwaresg8275p_firmwaresnapdragonfastconnect_6900_firmwaresrv1h_firmwareqcs7230_firmwareqcs8550_firmwareqca6797aq_firmwareflight_rb5_5g_platform_firmwaresa8155p_firmwarefastconnect_6700_firmwaresa7255p_firmwarefastconnect_7800_firmwareqca6595au_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwareqrb5165n_firmwareqca6696_firmwareqca6595_firmwareqca6391_firmwareqcm4325_firmwareqamsrv1h_firmwareqca6574_firmwaresd_8_gen1_5g_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwaresa8195p_firmwaresnapdragon_680_4g_mobile_platform_firmware
CWE ID-CWE-416
Use After Free
CVE-2024-23696
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.73%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 20:09
Updated-17 Dec, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In RGXCreateZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Imagination Technologies LimitedGoogle LLC
Product-androidAndroidpowervr-gpu
CWE ID-CWE-416
Use After Free
CVE-2020-27899
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.36%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:27
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1, watchOS 7.1, tvOS 14.2. A local attacker may be able to elevate their privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchostvosipadosmacoswatchOStvOSmacOSiOS and iPadOS
CWE ID-CWE-416
Use After Free
CVE-2022-42430
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.10% / 27.12%
||
7 Day CHG~0.00%
Published-29 Mar, 2023 | 00:00
Updated-14 Feb, 2025 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected Tesla vehicles. An attacker must first obtain the ability to execute privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the wowlan_config data structure. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-17543.

Action-Not Available
Vendor-teslaTesla
Product-model_3_firmwaremodel_3Model 3
CWE ID-CWE-416
Use After Free
CVE-2025-54102
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.68%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:00
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11_22h2windows_11_24h2windows_10_22h2windows_10_1607windows_10_21h2windows_11_23h2windows_server_2016windows_server_2019windows_server_2025windows_server_2022_23h2windows_10_1809Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 1607Windows Server 2019Windows Server 2022Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2016Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2024-43066
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.86%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 10:15
Updated-06 Oct, 2025 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption while handling file descriptor during listener registration/de-registration.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6426sa4155p_firmwareqca6698aq_firmwaresa8295p_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_845_mobile_platform_firmwareqca6595au_firmwarewcn3620snapdragon_460_mobile_platformsd660_firmwarefastconnect_6200_firmwaresm4125_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)qca6698aqwsa8830_firmwaresa6145p_firmwaresnapdragon_695_5g_mobile_platformsa8145p_firmwaresa4155psnapdragon_auto_5g_modem-rfsa6155_firmwareqam8295psnapdragon_x55_5g_modem-rf_systemsnapdragon_4_gen_1_mobile_platformwcd9335qcs8550_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwarefastconnect_6200qca6574aqam8295p_firmwarequalcomm_205_mobile_platform_firmwaresa8145pwcn3620_firmwaresw5100p_firmwarewsa8815_firmwaresnapdragon_820_automotive_platformsa8155_firmwaresdm429w_firmwareqca6595snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwareqca6564au_firmwarequalcomm_205_mobile_platformsnapdragon_429_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformwsa8835snapdragon_660_mobile_platformmdm9650_firmwaresnapdragon_210_processor_firmwaresnapdragon_685_4g_mobile_platform_\(sm6225-ad\)wcn3988snapdragon_212_mobile_platformsnapdragon_auto_5g_modem-rf_firmwaresa8155vision_intelligence_400_platform_firmwarewcd9375sa6150p_firmwarefastconnect_7800_firmwarerobotics_rb3_platform_firmwaresnapdragon_660_mobile_platform_firmwaresw5100sm6370wcd9385_firmwarefastconnect_6700_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platformsxr2130sa8195p_firmwareqca6574ausxr2130_firmwarevision_intelligence_400_platformsnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwaresa6150pwcn3610wcn3660bqca6564_firmwaresa4150p_firmwaresnapdragon_480_5g_mobile_platformsa8150p_firmwaresm6370_firmwareqcs410sa8155p_firmwaresnapdragon_845_mobile_platformqca6564qca6310_firmwarefastconnect_7800snapdragon_865_5g_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660b_firmwarewcn3680bsnapdragon_212_mobile_platform_firmwaresw5100pvideo_collaboration_vc1_platform_firmwaresa6155p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca6310qca6574sxr1120snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)qca6436qcs610_firmwaresd660snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwareqca6574au_firmwareqca6574_firmwareqcs610wcn3990fastconnect_6800video_collaboration_vc1_platformfastconnect_6900qca6426_firmwaresnapdragon_auto_4g_modemwcd9335_firmwaresa8295pqca6696qcs410_firmwarewcd9341_firmwareqca6595_firmwarewcd9326_firmwaresnapdragon_460_mobile_platform_firmwareqcm6490mdm9650snapdragon_xr1_platform_firmwareqcs6490wcd9370sd865_5g_firmwarewsa8810_firmwaresa6155fastconnect_6800_firmwarewcn3910sa8195psnapdragon_429_mobile_platformfastconnect_6700sxr1120_firmwaresa8155psnapdragon_auto_4g_modem_firmwaresnapdragon_210_processorsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)sg4150psnapdragon_820_automotive_platform_firmwaresdm429wqca6595auwcn3950wcn3990_firmwarewsa8835_firmwaresa6145pwsa8830sa6155pwcn3950_firmwarewcd9380wcn3980_firmwareqcm6490_firmwaresa4150pqca6335wcn3980qca6391wsa8815wcd9370_firmwareqcs6490_firmwareqca6564auwcd9341qcs8550sd865_5gsa8150psnapdragon_662_mobile_platform_firmwareqca6391_firmwareqca6335_firmwarewcd9340_firmwarewcd9340snapdragon_xr2_5g_platformwcn3610_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3988_firmwarerobotics_rb3_platformwsa8810snapdragon_662_mobile_platformcsrb31024_firmwarecsrb31024wcd9375_firmwaresg4150p_firmwarewcn3680b_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9385video_collaboration_vc3_platformfastconnect_6900_firmwaresm4125wcn3910_firmwareqca6436_firmwareqca6574a_firmwareqca6696_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_xr1_platformsw5100_firmwarewcd9326wcd9380_firmwaresnapdragon_680_4g_mobile_platformSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2025-54092
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.32%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:01
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Hyper-V Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11_22h2windows_11_24h2windows_10_22h2windows_10_21h2windows_11_23h2windows_server_2019windows_server_2025windows_server_2022_23h2windows_10_1809Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2025-53768
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.87%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:00
Updated-22 Feb, 2026 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Xbox IStorageService Elevation of Privilege Vulnerability

Use after free in Xbox allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_10_21h2windows_11_23h2windows_11_24h2windows_10_1607windows_10_22h2windows_10_1809windows_11_25h2Windows 10 Version 1607Windows 11 Version 24H2Windows 11 Version 23H2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 25H2
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2025-53132
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.88%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:10
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_23h2windows_10_22h2windows_10_1607windows_server_2019windows_11_24h2windows_server_2025windows_10_21h2windows_10_1809windows_server_2008windows_server_2022_23h2windows_server_2022windows_server_2012windows_10_1507windows_server_2016windows_11_22h2Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2025-53151
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.58%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:10
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2windows_server_2019windows_server_2025windows_10_22h2windows_server_2022_23h2windows_11_22h2windows_server_2022windows_10_21h2windows_11_23h2windows_10_1809Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2025-53152
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.58%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:10
Updated-13 Feb, 2026 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Desktop Windows Manager Remote Code Execution Vulnerability

Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2019windows_server_2008windows_10_22h2windows_server_2016windows_server_2012windows_10_1607windows_11_22h2windows_server_2022windows_10_21h2windows_11_23h2windows_10_1809Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2024-23380
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.18% / 39.88%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 14:17
Updated-01 Aug, 2024 | 23:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics

Memory corruption while handling user packets during VBO bind operation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformtalynplus_firmwaresnapdragon_662_mobile_platform_firmwarewsa8830sxr2230p_firmwareqam8650pqam8775pqamsrv1mflight_rb5_5g_platformflight_rb5_5g_platform_firmwarewsa8840wcn3950_firmwaresrv1l_firmwareqca6595au_firmwarevideo_collaboration_vc3_platformsnapdragon_480_5g_mobile_platformwcd9370ssg2115pqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqamsrv1hwcd9385_firmwareqam8295pwcn3950talynplusfastconnect_6200qamsrv1h_firmwaresd_8_gen1_5g_firmwaresnapdragon_460_mobile_platformqam8295p_firmwaresa9000p_firmwareqca6320_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresnapdragon_835_mobile_pc_platform_firmwaresa7255psnapdragon_4_gen_2_mobile_platformqca6595ausm6225-adsnapdragon_8_gen_3_mobile_platformwcd9375_firmwarewsa8845h_firmwaresm4350-acqrb5165nsnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresa8620p_firmwaresa6155p_firmwareqca6310qcm8550_firmwareqca6678aq_firmwaresa8775p_firmwaresm6225-ad_firmwareqcs6490wsa8840_firmwareqca6698aqqcs6125video_collaboration_vc5_platformqcs8550_firmwarewcn3988_firmwaresrv1hsa7775p_firmwaresnapdragon_8\+_gen_1_mobile_platformfastconnect_6700_firmwaresa8195pwcd9340wsa8810_firmwaresw5100wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresa6155pqcs7230sg4150pwcd9335wcd9395_firmwareqca6698aq_firmwareqcm4490sa7775pqam8620pqcs5430sxr2250psa8770p_firmwarewcd9341qam8775p_firmwaresa8255pwcd9385qca6696_firmwareqcs6490_firmwareqca6797aqwcd9375wcd9390robotics_rb5_platformsnapdragon_662_mobile_platformwsa8830_firmwareqcm6490wcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwarevideo_collaboration_vc5_platform_firmwaresa8295p_firmwaresxr2250p_firmwaresg4150p_firmwaresa8770psnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwarerobotics_rb5_platform_firmwarewcd9380_firmwaressg2125pwcn3990sw5100psnapdragon_w5\+_gen_1_wearable_platformqca6595qcm8550qcs7230_firmwaresnapdragon_835_mobile_pc_platformwsa8835qca6574sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresd_8_gen1_5gwcd9380fastconnect_6700snapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqca6574asxr1230pvideo_collaboration_vc3_platform_firmwareqca6310_firmwarewcd9335_firmwarewcn3980wsa8845sa8650psa9000pqca6574_firmwarewcd9340_firmwarewsa8815sxr2230pqca6320wsa8845_firmwaresnapdragon_4_gen_1_mobile_platformqcs8250qca6574a_firmwarefastconnect_6200_firmwaresa8775psd835wcn3980_firmwareqca6391sa8295pfastconnect_7800qcm4490_firmwareqcs4490_firmwareqca6678aqqcm6490_firmwaresa8650p_firmwarewsa8832_firmwarefastconnect_6900fastconnect_6900_firmwaresrv1h_firmwarevideo_collaboration_vc1_platform_firmwareqca6797aq_firmwareqca6574ausa8155p_firmwaresrv1lsa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125sa8620psnapdragon_8\+_gen_2_mobile_platformwsa8810wsa8832sw5100p_firmwaresm8550psnapdragon_680_4g_mobile_platformsnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresnapdragon_ar2_gen_1_platformqcm5430srv1m_firmwaresd835_firmwareqam8650p_firmwareqcs4490qca6595_firmwarewcd9395qca6696qcs5430_firmwareqca6391_firmwareqcs8550wcd9370_firmwaresm8550p_firmwaresm4350-ac_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresa8155psnapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1msnapdragon_8\+_gen_1_mobile_platform_firmwaressg2115p_firmwaresw5100_firmwareqam8620p_firmwareqam8255pSnapdragonqam8255p_firmwarequalcomm_video_collaboration_vc1_platform_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwarerobotics_rb5_platform_firmwarewcd9380_firmwaresxr2230p_firmwareqcs7230_firmwareflight_rb5_5g_platform_firmwaresxr1230p_firmwarewcn3950_firmwaresrv1l_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3990_firmwareqrb5165n_firmwareqca6310_firmwarewcd9335_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqamsrv1h_firmwareqca6574_firmwaresd_8_gen1_5g_firmwarewcd9340_firmwarewsa8845_firmwareqam8295p_firmwaresa9000p_firmwareqca6320_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresnapdragon_835_mobile_pc_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwarewcn3980_firmwaresnapdragon_680_4g_mobile_platform_firmwaresa8620p_firmwaresa6155p_firmwareqcm8550_firmwareqcm4490_firmwareqca6678aq_firmwareqcs4490_firmwaresa8775p_firmwareqcm6490_firmwarewsa8840_firmwaresa8650p_firmwarewsa8832_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcs8550_firmwarewcn3988_firmwareqca6797aq_firmwaresa8155p_firmwaresa7775p_firmwarefastconnect_6700_firmwaresa7255p_firmwarewsa8810_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwaresd835_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwarewsa8815_firmwaresxr2250p_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwareqam8620p_firmwaresa8295p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmware
CWE ID-CWE-416
Use After Free
CVE-2025-53150
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.96%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:00
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Digital Media Elevation of Privilege Vulnerability

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_22h2windows_10_21h2windows_11_23h2windows_11_24h2windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2025windows_server_2019windows_11_25h2Windows Server 2019 (Server Core installation)Windows 11 Version 25H2Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2020-22429
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.20%
||
7 Day CHG~0.00%
Published-03 May, 2023 | 00:00
Updated-30 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /src/header/netdb/mod.rs.

Action-Not Available
Vendor-redox-osn/a
Product-redoxn/a
CWE ID-CWE-416
Use After Free
CVE-2024-23383
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.15% / 35.89%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-26 Nov, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics Linux

Memory corruption when kernel driver attempts to trigger hardware fences.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwarewsa8830qam8650pqam8775pqamsrv1mwsa8840wcn3950_firmwaresrv1l_firmwareqca6595au_firmwaresnapdragon_480_5g_mobile_platformvideo_collaboration_vc3_platformwcd9370qcm5430_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwareqamsrv1hwcd9385_firmwareqam8295pwcn3950fastconnect_6200qamsrv1h_firmwareqam8295p_firmwaresa9000p_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresa7255pwsa8845h_firmwarewcd9375_firmwaresnapdragon_8_gen_3_mobile_platformqca6595ausnapdragon_w5\+_gen_1_wearable_platform_firmwaresa8620p_firmwaresa6155p_firmwareqca6678aq_firmwaresa8775p_firmwareqcs6490wsa8840_firmwareqca6698aqqcs6125video_collaboration_vc5_platformwcn3988_firmwaresrv1hsa7775p_firmwarefastconnect_6700_firmwaresa8195pwsa8810_firmwaresw5100wsa8845hwcd9395_firmwaresa8255p_firmwaresa6155pqcs7230qca6698aq_firmwaresa7775pqcs5430qam8620psnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)wcd9385sa8770p_firmwaresa8255pqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6797aqwcd9375wcd9390wsa8830_firmwarewsa8815_firmwarewcn3988wsa8835_firmwareqcm6490sa8195p_firmwarevideo_collaboration_vc5_platform_firmwaresa8295p_firmwaresa8770pqcm6125_firmwarewcd9380_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformqca6595qcs7230_firmwarewsa8835qca6574wcd9380fastconnect_6700snapdragon_4_gen_1_mobile_platform_firmwareqca6574asnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwarevideo_collaboration_vc3_platform_firmwarewcn3980wsa8845sa8650psa9000pqca6574_firmwarewsa8815wsa8845_firmwaresnapdragon_4_gen_1_mobile_platformqcs8250sa8775pqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwareqca6391sa8295pfastconnect_7800qca6678aqqcm6490_firmwaresa8650p_firmwarefastconnect_6900srv1h_firmwarefastconnect_6900_firmwarevideo_collaboration_vc1_platform_firmwareqca6797aq_firmwareqca6574ausa8155p_firmwaresrv1lsa7255p_firmwareqcs8250_firmwareqcm6125wsa8810sa8620pfastconnect_7800_firmwaresw5100p_firmwaresrv1m_firmwareqamsrv1m_firmwareqcm5430qam8650p_firmwareqca6595_firmwarewcd9395qcs5430_firmwareqca6696qca6391_firmwarewcd9370_firmwarewcd9390_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresa8155psnapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1msw5100_firmwareqam8620p_firmwareqam8255pSnapdragonqualcomm_video_collaboration_vc1_platform_firmwareqam8255p_firmwarewcd9380_firmwareqcs7230_firmwarewcn3950_firmwaresrv1l_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqamsrv1h_firmwareqca6574_firmwarewsa8845_firmwareqam8295p_firmwaresa9000p_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9375_firmwarewsa8845h_firmwarewcn3980_firmwaresa8620p_firmwaresa6155p_firmwareqca6678aq_firmwaresa8775p_firmwareqcm6490_firmwaresa8650p_firmwarewsa8840_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwarewcn3988_firmwaresa8155p_firmwaresa7775p_firmwarefastconnect_6700_firmwaresa7255p_firmwarewsa8810_firmwareqcs8250_firmwarefastconnect_7800_firmwarewcd9395_firmwaresa8255p_firmwaresw5100p_firmwareqamsrv1m_firmwareqca6698aq_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwarewcd9370_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwareqam8620p_firmwaresa8295p_firmwareqcm6125_firmware
CWE ID-CWE-416
Use After Free
CVE-2025-49665
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.32%
||
7 Day CHG+0.01%
Published-08 Jul, 2025 | 16:57
Updated-13 Feb, 2026 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Workspace Broker Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_10_22h2windows_server_2022_23h2windows_10_21h2windows_11_24h2windows_server_2019windows_server_2025windows_server_2022windows_10_1607windows_11_23h2windows_10_1809windows_server_2016windows_10_1507windows_11_22h2Windows Server 2025Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 70
  • 71
  • 72
  • ...
  • 76
  • 77
  • Next
Details not found