Export limit exceeded: 357078 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8757 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29919 | 1 Intel | 1 Virtual Raid On Cpu | 2025-01-27 | 7.8 High |
| Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28411 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2025-01-27 | 6.3 Medium |
| Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | ||||
| CVE-2024-22180 | 1 Openatom | 1 Openharmony | 2025-01-27 | 3.3 Low |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through use after free. | ||||
| CVE-2023-25006 | 1 Autodesk | 1 3ds Max Usd | 2025-01-24 | 7.8 High |
| A malicious actor may convince a user to open a malicious USD file that may trigger a use-after-free vulnerability which could result in code execution. | ||||
| CVE-2023-21106 | 1 Google | 1 Android | 2025-01-24 | 7.8 High |
| In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-265016072References: Upstream kernel | ||||
| CVE-2023-21102 | 2 Google, Redhat | 2 Android, Enterprise Linux | 2025-01-24 | 7.8 High |
| In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel | ||||
| CVE-2024-28951 | 1 Openatom | 1 Openharmony | 2025-01-24 | 5.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | ||||
| CVE-2023-22318 | 1 Tribe29 | 1 Checkmk Appliance Firmware | 2025-01-23 | 7.5 High |
| Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5. | ||||
| CVE-2023-28308 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28307 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28306 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28296 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2025-01-23 | 7.8 High |
| Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2023-28223 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2025-01-23 | 6.6 Medium |
| Windows Domain Name Service Remote Code Execution Vulnerability | ||||
| CVE-2023-28305 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28297 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 7 more | 2025-01-23 | 8.8 High |
| Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability | ||||
| CVE-2023-24914 | 1 Microsoft | 1 Windows 11 22h2 | 2025-01-23 | 7 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2023-2203 | 2 Redhat, Webkitgtk | 5 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server Aus and 2 more | 2025-01-22 | 8.8 High |
| A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. | ||||
| CVE-2023-31725 | 1 Yasm Project | 1 Yasm | 2025-01-22 | 5.5 Medium |
| yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c. | ||||
| CVE-2023-28081 | 1 Facebook | 1 Hermes | 2025-01-21 | 9.8 Critical |
| A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | ||||
| CVE-2023-24833 | 1 Facebook | 1 Hermes | 2025-01-21 | 7.5 High |
| A use-after-free in BigIntPrimitive addition in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by an attacker to leak raw data from Hermes VM’s heap. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | ||||