Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-68817

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-13 Jan, 2026 | 15:29
Updated At-09 Feb, 2026 | 08:34
Rejected At-
Credits

ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency Under high concurrency, A tree-connection object (tcon) is freed on a disconnect path while another path still holds a reference and later executes *_put()/write on it.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:13 Jan, 2026 | 15:29
Updated At:09 Feb, 2026 | 08:34
Rejected At:
â–¼CVE Numbering Authority (CNA)
ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency Under high concurrency, A tree-connection object (tcon) is freed on a disconnect path while another path still holds a reference and later executes *_put()/write on it.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • fs/smb/server/mgmt/tree_connect.c
  • fs/smb/server/mgmt/tree_connect.h
  • fs/smb/server/smb2pdu.c
Default Status
unaffected
Versions
Affected
  • From dd45db4d9bbc8f122a9b4db5ce94ae29fcf03d3c before 446beed646b2e426dd53d27358365f8678e1dd01 (git)
  • From 7b58ee8d0b91359554cf219cd4f33872ea2afd66 before d092de8a26c952379ded8e6b0bda31d89befac1a (git)
  • From 33b235a6e6ebe0f05f3586a71e8d281d00f71e2e before d64977495e44855f2b28d8ce56107c963a7a50e4 (git)
  • From 33b235a6e6ebe0f05f3586a71e8d281d00f71e2e before 21a3d01fc6db5129f81edb0ab7cb94fd758bcbea (git)
  • From 33b235a6e6ebe0f05f3586a71e8d281d00f71e2e before 063cbbc6f595ea36ad146e1b7d2af820894beb21 (git)
  • From 33b235a6e6ebe0f05f3586a71e8d281d00f71e2e before b39a1833cc4a2755b02603eec3a71a85e9dff926 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • fs/smb/server/mgmt/tree_connect.c
  • fs/smb/server/mgmt/tree_connect.h
  • fs/smb/server/smb2pdu.c
Default Status
affected
Versions
Affected
  • 6.6
Unaffected
  • From 0 before 6.6 (semver)
  • From 5.15.199 through 5.15.* (semver)
  • From 6.1.160 through 6.1.* (semver)
  • From 6.6.120 through 6.6.* (semver)
  • From 6.12.64 through 6.12.* (semver)
  • From 6.18.3 through 6.18.* (semver)
  • From 6.19 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/446beed646b2e426dd53d27358365f8678e1dd01
N/A
https://git.kernel.org/stable/c/d092de8a26c952379ded8e6b0bda31d89befac1a
N/A
https://git.kernel.org/stable/c/d64977495e44855f2b28d8ce56107c963a7a50e4
N/A
https://git.kernel.org/stable/c/21a3d01fc6db5129f81edb0ab7cb94fd758bcbea
N/A
https://git.kernel.org/stable/c/063cbbc6f595ea36ad146e1b7d2af820894beb21
N/A
https://git.kernel.org/stable/c/b39a1833cc4a2755b02603eec3a71a85e9dff926
N/A
Hyperlink: https://git.kernel.org/stable/c/446beed646b2e426dd53d27358365f8678e1dd01
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/d092de8a26c952379ded8e6b0bda31d89befac1a
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/d64977495e44855f2b28d8ce56107c963a7a50e4
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/21a3d01fc6db5129f81edb0ab7cb94fd758bcbea
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/063cbbc6f595ea36ad146e1b7d2af820894beb21
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/b39a1833cc4a2755b02603eec3a71a85e9dff926
Resource: N/A
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:13 Jan, 2026 | 16:16
Updated At:26 Feb, 2026 | 18:43

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency Under high concurrency, A tree-connection object (tcon) is freed on a disconnect path while another path still holds a reference and later executes *_put()/write on it.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.15.145(inclusive) to 5.15.199(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.1.71(inclusive) to 6.1.160(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.6.1(inclusive) to 6.6.120(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.7(inclusive) to 6.12.64(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.13(inclusive) to 6.18.3(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.6
cpe:2.3:o:linux:linux_kernel:6.6:-:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.6
cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.6
cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.6
cpe:2.3:o:linux:linux_kernel:6.6:rc7:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarynvd@nist.gov
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/063cbbc6f595ea36ad146e1b7d2af820894beb21416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/21a3d01fc6db5129f81edb0ab7cb94fd758bcbea416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/446beed646b2e426dd53d27358365f8678e1dd01416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/b39a1833cc4a2755b02603eec3a71a85e9dff926416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/d092de8a26c952379ded8e6b0bda31d89befac1a416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/d64977495e44855f2b28d8ce56107c963a7a50e4416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Hyperlink: https://git.kernel.org/stable/c/063cbbc6f595ea36ad146e1b7d2af820894beb21
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/21a3d01fc6db5129f81edb0ab7cb94fd758bcbea
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/446beed646b2e426dd53d27358365f8678e1dd01
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/b39a1833cc4a2755b02603eec3a71a85e9dff926
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/d092de8a26c952379ded8e6b0bda31d89befac1a
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/d64977495e44855f2b28d8ce56107c963a7a50e4
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

3188Records found
CVE-2022-49043
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.10% / 28.02%
||
7 Day CHG+0.07%
Published-26 Jan, 2025 | 00:00
Updated-03 Nov, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.

Action-Not Available
Vendor-libxml2 (XMLSoft)
Product-libxml2libxml2
CWE ID-CWE-416
Use After Free
CVE-2024-49074
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.83%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2019windows_10_22h2Windows 10 Version 22H2Windows 10 Version 1809Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 21H2
CWE ID-CWE-416
Use After Free
CVE-2025-21424
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.97%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in NPU

Memory corruption while calling the NPU driver APIs concurrently.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresw5100pqcm8550_firmwareqcs410_firmwaresd865_5gwcn6650qcs8155_firmwaresa6150p_firmwareqca6595wcd9335qcs610_firmwarewcd9370qca8081_firmwaresnapdragon_730gqca6696qam8620p_firmwarewcd9340_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwareqcn6024wcn6450qcc710_firmwareqca6426snapdragon_auto_4gwcn6740_firmwaresnapdragon_720g_firmwarefastconnect_6700snapdragon_695_5gsa4150psnapdragon_888_5gwsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395qca6574au_firmwaresm6370qca6564_firmwareqam8295psnapdragon_x12_lte_firmwarewcd9341qca6574auwcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresd730_firmwarecsra6640sa9000p_firmwaresnapdragon_690_5gsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gsrv1hsm8650q_firmwaresnapdragon_765_5gwcn3660b_firmwaresd730snapdragon_8\+_gen_2fastconnect_6800_firmwareqcs5430snapdragon_865\+_5g_firmwareqcn6024_firmwaresnapdragon_x65_5gqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_888\+_5g_firmwaresa4155psa8770pqcm6125_firmwarec-v2x_9150qcc710snapdragon_x50_5gsnapdragon_xr2_5g_firmwaresa8540psnapdragon_730qsm8250_firmwareqsm8350_firmwaresnapdragon_765g_5g_firmware315_5g_iot_modem_firmwaresnapdragon_660_firmwarefastconnect_6900robotics_rb2snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_8_gen_2_firmwaresnapdragon_x72_5gvideo_collaboration_vc1_platformqru1032_firmwareqep8111sm8635sa7255pqfw7114wcd9385_firmware315_5g_iot_modemqam8255p_firmwaresnapdragon_778g_5gsnapdragon_678_firmwaresa8155_firmwarewcd9360sdx61snapdragon_732g_firmwaresnapdragon_662_firmwaresnapdragon_x50_5g_firmwarewsa8845sa6155pqcm6125qca6564au_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresnapdragon_855_firmwaresa9000pqdu1000_firmwaresrv1h_firmwareqsm8250snapdragon_678qca6595ausm7315_firmwaresnapdragon_865_5g_firmwareqdu1010wcd9326_firmwaresa6155p_firmwaresnapdragon_730g_firmwarewsa8840srv1m_firmwareqcs8550_firmwareqdu1210_firmwareqfw7124_firmwareqca6436_firmwaresnapdragon_x35_5g_firmwareqcn9012wcd9371_firmwarewcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_675_firmwaresm4125_firmwaresm8635psnapdragon_680_4gqca6420wcn3910wcd9370_firmwarerobotics_rb2_firmwaresnapdragon_8_gen_2snapdragon_480\+_5g_firmwaresnapdragon_765_5g_firmwareqdu1110_firmwareqdu1000wcn3660bqca6574asa7255p_firmwareqca6174asnapdragon_695_5g_firmwaresa8195psnapdragon_750g_5g_firmwarewcd9340qcs8250_firmwareqcm2290qdu1210snapdragon_auto_5g_modem-rf_gen_2qcm6490215sa8540p_firmwaresm8550p_firmwaresnapdragon_x55_5g_firmwareqcm8550wcn3988sm6370_firmwareqcn9024sa8775pqca6574sd675_firmwareqca6430_firmwareqcn9011sa8775p_firmwaresnapdragon_439_firmwareqamsrv1hsmart_audio_400qcn9024_firmwarewsa8845hwcd9326sa6150psm8650qqcm2290_firmwareqcs410sa8155p_firmwareqca6564asa8155psnapdragon_855\+wsa8830snapdragon_870_5g_firmwaresm8550psnapdragon_x65_5g_firmwaresa6145pqcn9074_firmwaresm7675_firmwaresa8255p_firmwaresnapdragon_888\+_5gsnapdragon_x75_5gsnapdragon_720gar8035sm7635_firmwareqamsrv1m_firmwareqca6564sa6155qrb5165m_firmwaresa8650p_firmwarewcn6450_firmwareqcm4325snapdragon_860snapdragon_x72_5g_firmwaresrv1l_firmwareqcn6224snapdragon_782gqca6698aqwcn3950_firmwaresa7775p_firmwaresm6250qrb5165nsm7635sa8530p_firmwarefastconnect_6200wcn3680bsm7325p_firmwaresa8145p_firmwarewcd9360_firmwarewcd9378qcs8155sm8635p_firmwareqdx1011sa8150p_firmwaresnapdragon_768g_5gfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_778g_5g_firmwaresnapdragon_780g_5gqcs6490qcs8250snapdragon_778g\+_5gfastconnect_6200_firmwarear8031_firmwarewsa8830_firmwareqcn6224_firmwareqca6678aq_firmwarewsa8845_firmwaresd660_firmwarewsa8832sdx61_firmwarewcd9378_firmwaresrv1lsxr2130_firmwaresm7675psrv1mqca6678aqar8035_firmwareqrb5165msnapdragon_680_4g_firmwaresa4150p_firmwaresd888_firmwareqcm2150snapdragon_439qca6564auqcs6125_firmwaresm4635snapdragon_460qcn9074wsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwaresnapdragon_auto_4g_firmwareqcm4290snapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_x12_ltear8031sg8275p_firmwaresnapdragon_685_4gsnapdragon_x62_5gqca9377_firmwaresnapdragon_xr2\+_gen_1qcm6490_firmwaresm7250p_firmwaresm4635_firmwarewcn3680_firmwaresa2150p_firmwaresm4125vision_intelligence_400_firmwareqru1032wcn3950qcs6125flight_rb5_5gsnapdragon_690_5g_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesmart_audio_400_firmwaresnapdragon_460_firmwaresnapdragon_855\+_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwaresm7250psm6250_firmwaresa8155snapdragon_768g_5g_firmwareqca6584ausd888qcn6274_firmwarewcn6755_firmwareqcn9011_firmwareqru1062_firmwaresa2150psw5100_firmwarewcn6740wcn6650_firmwaresnapdragon_732gqru1062fastconnect_6800qfw7114_firmwaresnapdragon_662qcs7230qca6595_firmwarefastconnect_7800_firmwarewcd9371sm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresnapdragon_xr2_5gsa8150psxr2330pwcn6755snapdragon_888_5g_firmware215_firmwaresnapdragon_765g_5gsnapdragon_8\+_gen_2_firmwaresnapdragon_auto_5g_modem-rf_firmwarewcn7881sm6650sw5100video_collaboration_vc3_platformaqt1000qcm2150_firmwarec-v2x_9150_firmwareqca6688aqqam8295p_firmwaresd855snapdragon_8_gen_1_firmwarewcn3990_firmwaresm7315snapdragon_750g_5gqca6698aq_firmwareqcs2290qca6564a_firmwarewcd9385qsm8350qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615wcn3680snapdragon_8_gen_1sa8255pqcs7230_firmwareqcs4290wcd9390_firmwaresnapdragon_x62_5g_firmwaresnapdragon_8_gen_3qep8111_firmwareqca6430sg8275psnapdragon_782g_firmwaresnapdragon_855sdx55_firmwareqdx1011_firmwaresnapdragon_x55_5gsnapdragon_auto_5g_modem-rfwcn3615_firmwareflight_rb5_5g_firmwareqru1052sxr2130snapdragon_4_gen_1snapdragon_870_5gcsra6640_firmwareqamsrv1mrobotics_rb5snapdragon_480\+_5gsm7325psnapdragon_685_4g_firmwarewcn7861qca6174a_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformwcn7861_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresm6650_firmwaresnapdragon_480_5gqam8620pwcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwaresd855_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqca6584au_firmwareqcn6274qfw7124qdu1010_firmwareqca6595au_firmwaresw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620qca8081wsa8815mdm9628sd660sg4150pqam8775pqca9377qca6797aqmdm9628_firmwaresnapdragon_860_firmwaresnapdragon_x35_5gsnapdragon_730_firmwareqcm4325_firmwaresa8620psnapdragon_660qca6574a_firmwaresdx55qcm4290_firmwaresd675wcd9375_firmwaresnapdragon_8_gen_3_firmwaresa7775pqca6391snapdragon_x75_5g_firmwareqcn9012_firmwareqcs5430_firmwaresg4150p_firmwareqru1052_firmwaresnapdragon_780g_5g_firmwarecsra6620_firmwaresa8770p_firmwaresa8295pqcs8550snapdragon_675fastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375qca6688aq_firmwarewcn3988_firmwareqamsrv1h_firmwaresm7675sa8145psd_675vision_intelligence_400wsa8835_firmwarewcn3980sm7675p_firmwareqdx1010wcn3680b_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2020-5348
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6.8||MEDIUM
EPSS-0.11% / 30.32%
||
7 Day CHG~0.00%
Published-03 Apr, 2020 | 23:20
Updated-17 Sep, 2024 | 03:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode. A local unauthenticated attacker may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in system management mode.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_7202_firmwarelatitude_7202CPG BIOS
CWE ID-CWE-416
Use After Free
CVE-2020-5984
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.06%
||
7 Day CHG~0.00%
Published-02 Oct, 2020 | 21:10
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

Action-Not Available
Vendor-NVIDIA Corporation
Product-virtual_gpu_managerNVIDIA vGPU Software
CWE ID-CWE-416
Use After Free
CVE-2020-3701
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.81%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-saipan_firmwaresm8250sxr2130_firmwaresaipansxr2130sm8250_firmwareSnapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2020-3696
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.38%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca4531_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwareapq8098_firmwaresdx20qcm2150sdx24mdm9607_firmwareqca9531ipq8074_firmwareqca6574aumsm8909w_firmwaremdm9607msm8996ausdm429w_firmwareapq8017_firmwareapq8009_firmwaremsm8909wqcs605_firmwareipq4019_firmwaremdm9207c_firmwareipq6018mdm9206mdm9207cmsm8905sdx24_firmwareipq8074apq8096auqca4531apq8098ipq6018_firmwaremdm9206_firmwareqcs605ipq4019apq8053apq8096au_firmwaresdx20_firmwareqca9531_firmwaremsm8905_firmwareipq8064qca6574au_firmwareapq8017apq8009apq8053_firmwareipq8064_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2025-54092
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.36%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:01
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Hyper-V Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11_22h2windows_11_24h2windows_10_22h2windows_10_21h2windows_11_23h2windows_server_2019windows_server_2025windows_server_2022_23h2windows_10_1809Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2020-3618
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, QCA8081, SC8180X, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq6018ipq8074_firmwaresxr2130_firmwareipq8074qca8081_firmwareipq6018_firmwareqca8081sxr2130sc8180xsc8180x_firmwareSnapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2020-3642
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.51%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile in Kamorta, QCS605, Rennell, Saipan, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwarerennellsdm845rennell_firmwaresm8250_firmwareqcs605sm7150_firmwaresaipan_firmwaresm6150_firmwaresdm710sm6150sm8250sm8150sdm710_firmwaresxr1130_firmwarekamortasm7150saipansxr1130sdm670sxr2130qcs605_firmwaresdm845_firmwareSnapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2020-35906
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 16.99%
||
7 Day CHG~0.00%
Published-31 Dec, 2020 | 08:21
Updated-30 Oct, 2025 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the futures-task crate before 0.3.6 for Rust. futures_task::waker may cause a use-after-free in a non-static type situation.

Action-Not Available
Vendor-rust-langn/a
Product-futures-taskn/a
CWE ID-CWE-416
Use After Free
CVE-2023-21147
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.85%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In lwis_i2c_device_disable of lwis_device_i2c.c, there is a possible UAF due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-269661912References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CVE-2022-44683
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.79% / 85.91%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Jul, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_11windows_10windows_server_2022windows_server_2019Windows Server 2012Windows 10 Version 22H2Windows 10 Version 1507Windows 10 Version 1809Windows Server 2022Windows 11 version 22H2Windows Server 2016 (Server Core installation)Windows 10 Version 20H2Windows Server 2016Windows 10 Version 21H2Windows 10 Version 21H1Windows Server 2012 R2 (Server Core installation)Windows 11 version 21H2Windows Server 2012 R2Windows 8.1Windows Server 2012 (Server Core installation)Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-416
Use After Free
CVE-2020-27044
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.19%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 16:05
Updated-04 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In restartWrite of Parcel.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157066561

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-27899
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.37%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:27
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1, watchOS 7.1, tvOS 14.2. A local attacker may be able to elevate their privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchostvosipadosmacoswatchOStvOSmacOSiOS and iPadOS
CWE ID-CWE-416
Use After Free
CVE-2023-30549
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 6.92%
||
7 Day CHG~0.00%
Published-25 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer

Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for denial of service and potentially for privilege escalation. Apptainer 1.1.8 includes a patch that by default disables mounting of extfs filesystem types in setuid-root mode, while continuing to allow mounting of extfs filesystems in non-setuid "rootless" mode using fuse2fs. Some workarounds are possible. Either do not install apptainer-suid (for versions 1.1.0 through 1.1.7) or set `allow setuid = no` in apptainer.conf. This requires having unprivileged user namespaces enabled and except for apptainer 1.1.x versions will disallow mounting of sif files, extfs files, and squashfs files in addition to other, less significant impacts. (Encrypted sif files are also not supported unprivileged in apptainer 1.1.x.). Alternatively, use the `limit containers` options in apptainer.conf/singularity.conf to limit sif files to trusted users, groups, and/or paths, and set `allow container extfs = no` to disallow mounting of extfs overlay files. The latter option by itself does not disallow mounting of extfs overlay partitions inside SIF files, so that's why the former options are also needed.

Action-Not Available
Vendor-lfprojectssylabsapptainerRed Hat, Inc.
Product-apptainerenterprise_linuxsingularityapptainer
CWE ID-CWE-416
Use After Free
CVE-2020-22429
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.21%
||
7 Day CHG~0.00%
Published-03 May, 2023 | 00:00
Updated-30 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /src/header/netdb/mod.rs.

Action-Not Available
Vendor-redox-osn/a
Product-redoxn/a
CWE ID-CWE-416
Use After Free
CVE-2024-23696
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.74%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 20:09
Updated-17 Dec, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In RGXCreateZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Imagination Technologies LimitedGoogle LLC
Product-androidAndroidpowervr-gpu
CWE ID-CWE-416
Use After Free
CVE-2024-23697
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.3||HIGH
EPSS-0.03% / 8.40%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 20:09
Updated-17 Dec, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In RGXCreateHWRTData_aux of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Imagination Technologies LimitedGoogle LLC
Product-androidAndroidpowervr-gpu
CWE ID-CWE-416
Use After Free
CVE-2020-1712
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.74%
||
7 Day CHG~0.00%
Published-31 Mar, 2020 | 16:44
Updated-09 Jun, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.

Action-Not Available
Vendor-systemd_project[UNKNOWN]Debian GNU/LinuxRed Hat, Inc.
Product-ceph_storagemigration_toolkitdebian_linuxopenshift_container_platformenterprise_linuxsystemddiscoverysystemd
CWE ID-CWE-416
Use After Free
CVE-2025-53132
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.91%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:10
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_23h2windows_10_22h2windows_10_1607windows_server_2019windows_11_24h2windows_server_2025windows_10_21h2windows_10_1809windows_server_2008windows_server_2022_23h2windows_server_2022windows_server_2012windows_10_1507windows_server_2016windows_11_22h2Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2020-1381
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.71% / 72.08%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 22:54
Updated-04 Aug, 2024 | 06:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1382.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10Windows 10 Version 2004 for x64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows Server, version 2004 (Server Core installation)Windows 10 Version 2004 for 32-bit SystemsWindows 10 Version 2004 for ARM64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for x64-based Systems
CWE ID-CWE-416
Use After Free
CVE-2020-1382
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.38% / 59.29%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 22:54
Updated-04 Aug, 2024 | 06:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1381.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10Windows 10 Version 2004 for x64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows Server, version 2004 (Server Core installation)Windows 10 Version 2004 for 32-bit SystemsWindows 10 Version 2004 for ARM64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for x64-based Systems
CWE ID-CWE-416
Use After Free
CVE-2025-53152
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.61%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:10
Updated-13 Feb, 2026 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Desktop Windows Manager Remote Code Execution Vulnerability

Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2019windows_server_2008windows_10_22h2windows_server_2016windows_server_2012windows_10_1607windows_11_22h2windows_server_2022windows_10_21h2windows_11_23h2windows_10_1809Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2025-53768
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.89%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:00
Updated-22 Feb, 2026 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Xbox IStorageService Elevation of Privilege Vulnerability

Use after free in Xbox allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_10_21h2windows_11_23h2windows_11_24h2windows_10_1607windows_10_22h2windows_10_1809windows_11_25h2Windows 10 Version 1607Windows 11 Version 24H2Windows 11 Version 23H2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 25H2
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2025-53150
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.99%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:00
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Digital Media Elevation of Privilege Vulnerability

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_22h2windows_10_21h2windows_11_23h2windows_11_24h2windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2025windows_server_2019windows_11_25h2Windows Server 2019 (Server Core installation)Windows 11 Version 25H2Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2019-15878
Matching Score-4
Assigner-FreeBSD
ShareView Details
Matching Score-4
Assigner-FreeBSD
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.30%
||
7 Day CHG~0.00%
Published-13 May, 2020 | 15:38
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdFreeBSD
CWE ID-CWE-416
Use After Free
CVE-2025-50175
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 28.77%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:00
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Digital Media Elevation of Privilege Vulnerability

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_22h2windows_10_21h2windows_11_23h2windows_11_24h2windows_server_2022windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2025windows_server_2019windows_11_25h2Windows Server 2019 (Server Core installation)Windows 11 Version 25H2Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2019-14037
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.81%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCN7606, QCS605, SC8180X, SDA660, SDA845, SDM439, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm636_firmwaresdm845_firmwaremsm8996au_firmwareapq8098_firmwaresdm845sdx20sdm660sdx24sdm439mdm9607_firmwareqcn7606_firmwaremdm9650sc8180x_firmwaresdm630sdm710msm8909w_firmwaremdm9607msm8996ausdm710_firmwareapq8009_firmwareqcn7605_firmwaremsm8909wsdm670qcs605_firmwaremdm9207c_firmwaremsm8996_firmwaresc8180xmdm9206msm8905mdm9207csdm670_firmwaresm8150_firmwaresdx24_firmwareapq8096ausdm439_firmwaresda845_firmwaresdm636sdm630_firmwareapq8098qcn7605sda660_firmwaremdm9206_firmwareqcs605sdx55apq8053apq8096au_firmwaremdm9650_firmwaresm8150sdx20_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaremsm8996sxr1130apq8009apq8053_firmwaresdm660_firmwaresda845qcn7606mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2025-50153
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.43%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:09
Updated-13 Feb, 2026 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Desktop Window Manager Elevation of Privilege Vulnerability

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1809windows_10_22h2windows_server_2012windows_server_2008windows_server_2019windows_10_1507windows_10_21h2windows_11_23h2windows_server_2022windows_server_2016windows_10_1607windows_11_22h2Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2019-14032
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.51%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8996au_firmwaresdm845sdx24mdm9650sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresda845_firmwareapq8098mdm9206_firmwareqcs605mdm9640mdm9650_firmwaremsm8905_firmwaresxr1130_firmwaresdx55_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8953apq8098_firmwaresdx20mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405sdm710mdm9607apq8017_firmwaresdm710_firmwaresa6155pmdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellrennell_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8250sm8150sdx20_firmwareapq8017nicobar_firmwaresaipansdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2019-14040
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-1.43% / 80.47%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaremsm8917qcs605_firmwaremdm9206sdx24_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605mdm9640msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845msm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareqm215mdm9607apq8017_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwareapq8017sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14034
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.76%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free while processing eeprom query as there is a chance to not unlock mutex after error occurs in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaremsm8953sdm450sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439sm8250_firmwaresdm429sm7150_firmwaresdm710msm8909w_firmwareqm215sm6150sdm429w_firmwaresdm710_firmwaresm7150apq8009_firmwaremsm8917msm8909wsa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresdx24_firmwaresxr2130_firmwaresdm439_firmwaresda845_firmwarerennellrennell_firmwareqm215_firmwareqcs605sdx55msm8953_firmwareapq8053sm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150sxr1130_firmwaresdx55_firmwarenicobar_firmwareapq8009sxr1130apq8053_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14029
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.51%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free in graphics module due to destroying already queued syncobj in error case in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MDM9607, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwaresdx24_firmwaresda845_firmwareapq8098qcs605sdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909wapq8053_firmwaresda845nicobarsa6155p_firmwaremsm8953sdm450apq8098_firmwaremdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405sdm710mdm9607sdm710_firmwaresa6155psm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsda660_firmwarerennell_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8250sm8150nicobar_firmwaresaipansdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14024
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible stack-use-after-scope issue in NFC usecase for card emulation in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8917, MSM8953, Nicobar, QM215, Rennell, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8953sdm450sdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sm8250_firmwaresdm429sm7150_firmwaresdm710qm215sm6150sdm710_firmwaresm7150msm8917sdm670sxr2130sdm670_firmwaresm8150_firmwaresxr2130_firmwaresdm439_firmwarerennellrennell_firmwareqm215_firmwaremsm8953_firmwaresm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150nicobar_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2019-14087
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure in buffer management while accessing handle for HDR blit when color modes not supported by display in Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, QCS605

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs605qcs605_firmwaremsm8909w_firmwaremsm8909wSnapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2025-30377
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.4||HIGH
EPSS-0.42% / 61.82%
||
7 Day CHG+0.03%
Published-13 May, 2025 | 16:58
Updated-13 Feb, 2026 | 19:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-exceloffice_online_serveroffice_long_term_servicing_channel365_appsofficeMicrosoft Office LTSC 2024Microsoft 365 Apps for EnterpriseMicrosoft Office LTSC for Mac 2021Microsoft Office LTSC for Mac 2024Microsoft Office for AndroidMicrosoft Office LTSC 2021Microsoft Office 2019Microsoft Office 2016
CWE ID-CWE-416
Use After Free
CVE-2019-14117
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.76%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwarebitrasm8250_firmwaremdm9607_firmwaresc8180x_firmwaresdx55qcs405sm7150_firmwaresaipan_firmwaresm6150_firmwaresm6150sm8250mdm9607bitra_firmwaresm8150sdx55_firmwaresm7150saipansxr2130sc8180xSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14055
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.76%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaresxr2130qcs605_firmwaresc8180xmdm9206sdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwaremsm8939qcs605mdm9640sdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarmsm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaremdm9607apq8017_firmwaremsm8939_firmwareqcn7605_firmwaremdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-415
Double Free
CVE-2025-49725
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.88%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:58
Updated-13 Feb, 2026 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Notification Elevation of Privilege Vulnerability

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_22h2windows_server_2022windows_11_24h2windows_server_2022_23h2windows_11_22h2windows_11_23h2windows_10_1607windows_10_1809windows_server_2019windows_server_2025windows_10_21h2windows_server_2016Windows Server 2025Windows 11 Version 23H2Windows 10 Version 1809Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows 10 Version 21H2
CWE ID-CWE-416
Use After Free
CVE-2025-49761
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.43%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:09
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1607windows_11_23h2windows_10_22h2windows_server_2008windows_server_2019windows_10_1507windows_server_2022windows_server_2022_23h2windows_10_1809windows_10_21h2windows_server_2016windows_server_2025windows_11_24h2windows_11_22h2windows_server_2012Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2016Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2025-49733
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.88%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:58
Updated-26 Feb, 2026 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_22h2windows_server_2022windows_11_24h2windows_server_2022_23h2windows_11_22h2windows_11_23h2windows_10_1809windows_server_2025windows_10_21h2windows_server_2019Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2019Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows 11 Version 24H2Windows 10 Version 1809Windows Server 2025 (Server Core installation)
CWE ID-CWE-416
Use After Free
CVE-2025-49660
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.88%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:57
Updated-26 Feb, 2026 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Event Tracing Elevation of Privilege Vulnerability

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_10_22h2windows_server_2022_23h2windows_10_21h2windows_11_24h2windows_server_2019windows_server_2025windows_server_2022windows_10_1607windows_11_23h2windows_10_1809windows_server_2016windows_10_1507windows_11_22h2Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2016Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2025-49726
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.88%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:57
Updated-13 Feb, 2026 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Notification Elevation of Privilege Vulnerability

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_22h2windows_server_2022windows_11_24h2windows_server_2022_23h2windows_11_22h2windows_11_23h2windows_10_1607windows_10_1809windows_server_2019windows_server_2025windows_10_21h2windows_server_2016Windows Server 2025Windows 11 Version 23H2Windows 10 Version 1809Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows 10 Version 21H2
CWE ID-CWE-416
Use After Free
CVE-2025-49665
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.30%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:57
Updated-13 Feb, 2026 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Workspace Broker Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_10_22h2windows_server_2022_23h2windows_10_21h2windows_11_24h2windows_server_2019windows_server_2025windows_server_2022windows_10_1607windows_11_23h2windows_10_1809windows_server_2016windows_10_1507windows_11_22h2Windows Server 2025Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2025-49675
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.88%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:57
Updated-26 Feb, 2026 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_10_22h2windows_server_2022_23h2windows_10_21h2windows_11_24h2windows_server_2019windows_server_2025windows_server_2022windows_10_1607windows_11_23h2windows_10_1809windows_server_2016windows_server_2008windows_10_1507windows_11_22h2Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809
CWE ID-CWE-416
Use After Free
CVE-2019-10518
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.38%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sdx55_firmwareipq8064sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwareipq8064_firmwaresda845msm8920msm8953sdm636_firmwareapq8064sdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareipq4019sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2019-10497
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.26%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10603
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.76%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue occurs If the real device interface goes down and a route lookup is performed while sending a raw IPv6 message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8937, MSM8996AU, QCN7605, SDA845, SDM630, SDM636, SDM660, SDX20, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm636_firmwaremsm8996au_firmwareapq8098_firmwaresdx20sdm660sdm630mdm9607_firmwaremdm9650mdm9607msm8996auqcn7605_firmwaremsm8917msm8937mdm9207c_firmwaremdm9206mdm9207capq8096ausdm636sda845_firmwaresdm630_firmwareapq8098qcn7605mdm9206_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8937_firmwaremdm9650_firmwaresdx20_firmwaresxr1130_firmwaresxr1130apq8053_firmwaresdm660_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2025-47976
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.88%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:57
Updated-13 Feb, 2026 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_server_2022_23h2windows_server_2025windows_11_22h2windows_server_2016windows_server_2022windows_10_22h2windows_11_23h2windows_10_1607windows_11_24h2windows_server_2019windows_10_1507windows_10_1809windows_server_2012windows_10_21h2Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 58
  • 59
  • 60
  • ...
  • 63
  • 64
  • Next
Details not found