Total
6239 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2025-31946 | 2025-05-12 | 6.2 Medium | ||
Pixmeo OsiriX MD is vulnerable to a local use after free scenario, which could allow an attacker to locally import a crafted DICOM file and cause memory corruption or a system crash. | ||||
CVE-2025-27578 | 2025-05-12 | 7.5 High | ||
Pixmeo OsiriX MD is vulnerable to a use after free scenario, which could allow an attacker to upload a crafted DICOM file and cause memory corruption leading to a denial-of-service condition. | ||||
CVE-2025-0427 | 1 Arm | 3 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-05-12 | 7.8 High |
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r8p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r19p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0. | ||||
CVE-2025-0072 | 1 Arm | 2 5th Gen Gpu Architecture Kernel Driver, Valhall Gpu Kernel Driver | 2025-05-12 | 7.8 High |
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0. | ||||
CVE-2022-22208 | 1 Juniper | 2 Junos, Junos Os Evolved | 2025-05-12 | 5.9 Medium |
A Use After Free vulnerability in the Routing Protocol Daemon (rdp) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service (DoS). When a BGP session flap happens, a Use After Free of a memory location that was assigned to another object can occur, which will lead to an rpd crash. This is a race condition that is outside of the attacker's control and cannot be deterministically exploited. Continued flapping of BGP sessions can create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: All versions prior to 18.4R2-S9, 18.4R3-S11; 19.1 versions prior to 19.1R3-S8; 19.2 version 19.2R1 and later versions; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R2-S1, 21.2R3. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S4-EVO; 21.1-EVO versions prior to 21.1R3-S2-EVO; 21.2-EVO versions prior to 21.2R3-EVO; 21.3-EVO versions prior to 21.3R2-EVO. | ||||
CVE-2024-26455 | 1 Treasuredata | 1 Fluent Bit | 2025-05-12 | 7.5 High |
fluent-bit 2.2.2 contains a Use-After-Free vulnerability in /fluent-bit/plugins/custom_calyptia/calyptia.c. | ||||
CVE-2025-37795 | 2025-05-10 | 7.1 High | ||
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
CVE-2024-45567 | 1 Qualcomm | 28 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 25 more | 2025-05-09 | 7.8 High |
Memory corruption while encoding JPEG format. | ||||
CVE-2024-45566 | 1 Qualcomm | 46 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 43 more | 2025-05-09 | 7.8 High |
Memory corruption during concurrent buffer access due to modification of the reference count. | ||||
CVE-2024-45564 | 1 Qualcomm | 126 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 123 more | 2025-05-09 | 7.8 High |
Memory corruption during concurrent access to server info object due to incorrect reference count update. | ||||
CVE-2024-45562 | 1 Qualcomm | 160 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 157 more | 2025-05-09 | 6.6 Medium |
Memory corruption during concurrent access to server info object due to unprotected critical field. | ||||
CVE-2024-45554 | 1 Qualcomm | 42 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 39 more | 2025-05-09 | 7.8 High |
Memory corruption during concurrent SSR execution due to race condition on the global maps list. | ||||
CVE-2024-45583 | 1 Qualcomm | 14 Fastconnect 7800, Fastconnect 7800 Firmware, Snapdragon 8 Gen 3 Mobile and 11 more | 2025-05-09 | 6.6 Medium |
Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations. | ||||
CVE-2025-21453 | 1 Qualcomm | 532 205 Mobile, 205 Mobile Firmware, 215 Mobile and 529 more | 2025-05-09 | 7.8 High |
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. | ||||
CVE-2024-21384 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-05-09 | 7.8 High |
Microsoft Office OneNote Remote Code Execution Vulnerability | ||||
CVE-2024-21339 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-09 | 6.4 Medium |
Windows USB Generic Parent Driver Remote Code Execution Vulnerability | ||||
CVE-2024-25062 | 2 Redhat, Xmlsoft | 4 Enterprise Linux, Jboss Core Services, Rhel Eus and 1 more | 2025-05-09 | 7.5 High |
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. | ||||
CVE-2022-25666 | 1 Qualcomm | 296 Apq8096au, Apq8096au Firmware, Aqt1000 and 293 more | 2025-05-09 | 6.7 Medium |
Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | ||||
CVE-2022-43033 | 1 Axiosys | 1 Bento4 | 2025-05-08 | 6.5 Medium |
An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
CVE-2022-39823 | 1 Softing | 2 Opc, Opc Ua C\+\+ Software Development Kit | 2025-05-08 | 7.5 High |
An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error |