Search Results (9085 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-1236 1 Microsoft 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more 2025-04-11 7.8 High
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."
CVE-2011-2818 3 Apple, Debian, Google 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.
CVE-2011-2793 1 Google 1 Chrome 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors.
CVE-2023-38703 1 Teluu 1 Pjsip 2025-04-10 9.8 Critical
PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability’s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.
CVE-2022-47093 1 Gpac 1 Gpac 2025-04-10 7.8 High
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid
CVE-2021-29117 1 Esri 1 Arcreader 2025-04-10 7.8 High
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.
CVE-2025-0995 1 Google 1 Chrome 2025-04-10 8.8 High
Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-25722 1 Qualcomm 156 Apq8096au, Apq8096au Firmware, Ar9380 and 153 more 2025-04-09 6 Medium
Information exposure in DSP services due to improper handling of freeing memory
CVE-2022-47975 1 Huawei 2 Emui, Harmonyos 2025-04-09 7.5 High
The DUBAI module has a double free vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-25717 1 Qualcomm 90 Apq8096au, Apq8096au Firmware, Aqt1000 and 87 more 2025-04-09 6.7 Medium
Memory corruption in display due to double free while allocating frame buffer memory
CVE-2022-4382 1 Linux 1 Linux Kernel 2025-04-09 6.4 Medium
A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side.
CVE-2022-4379 3 Fedoraproject, Linux, Redhat 4 Fedora, Linux Kernel, Enterprise Linux and 1 more 2025-04-08 7.5 High
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
CVE-2022-3977 1 Linux 1 Linux Kernel 2025-04-08 7.8 High
A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on the system.
CVE-2023-29365 1 Microsoft 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more 2025-04-08 7.8 High
Windows Media Remote Code Execution Vulnerability
CVE-2023-29368 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2025-04-08 7 High
Windows Filtering Platform Elevation of Privilege Vulnerability
CVE-2023-29358 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2025-04-08 7.8 High
Windows GDI Elevation of Privilege Vulnerability
CVE-2023-29361 1 Microsoft 9 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 6 more 2025-04-08 7 High
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2025-0444 1 Google 1 Chrome 2025-04-08 6.3 Medium
Use after free in Skia in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-0445 1 Google 1 Chrome 2025-04-08 5.4 Medium
Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-22402 1 Juniper 1 Junos Os Evolved 2025-04-07 5.9 Medium
A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there is a BGP neighbor flap of auto-discovery sessions for any reason. This is a race condition which is outside of an attackers direct control and it depends on system internal timing whether this issue occurs. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO; 22.2 versions prior to 22.2R1-S1-EVO, 22.2R2-EVO.