Total
6312 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2025-47976 | 1 Microsoft | 18 Windows, Windows 10, Windows 10 1507 and 15 more | 2025-08-18 | 7.8 High |
Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | ||||
CVE-2025-53152 | 1 Microsoft | 18 Server, Windows, Windows 10 1507 and 15 more | 2025-08-18 | 7.8 High |
Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally. | ||||
CVE-2025-53151 | 1 Microsoft | 14 Server, Windows, Windows 10 1809 and 11 more | 2025-08-18 | 7.8 High |
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
CVE-2025-53147 | 1 Microsoft | 19 Windows, Windows 10 1507, Windows 10 1607 and 16 more | 2025-08-18 | 7 High |
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
CVE-2025-53142 | 1 Microsoft | 11 Server, Windows, Windows 11 and 8 more | 2025-08-18 | 7 High |
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | ||||
CVE-2025-53140 | 1 Microsoft | 21 Windows, Windows 10, Windows 10 1507 and 18 more | 2025-08-18 | 7 High |
Use after free in Kernel Transaction Manager allows an authorized attacker to elevate privileges locally. | ||||
CVE-2024-47814 | 2 Netapp, Vim | 3 Bootstrap Os, Hci Compute Node, Vim | 2025-08-18 | 3.9 Low |
Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window) a BufWinLeave auto command can cause a use-after-free if this auto command happens to re-open the same buffer in a new split window. Impact is low since the user must have intentionally set up such a strange auto command and run some buffer unload commands. However, this may lead to a crash. This issue has been addressed in version 9.1.0764 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
CVE-2025-53721 | 1 Microsoft | 14 Server, Windows, Windows 10 1809 and 11 more | 2025-08-18 | 7 High |
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | ||||
CVE-2025-53718 | 1 Microsoft | 19 Windows, Windows 10 1507, Windows 10 1607 and 16 more | 2025-08-18 | 7 High |
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
CVE-2025-53738 | 1 Microsoft | 11 365, 365 Apps, Office and 8 more | 2025-08-18 | 7.8 High |
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
CVE-2025-53784 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2025-08-18 | 8.4 High |
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
CVE-2023-4813 | 4 Fedoraproject, Gnu, Netapp and 1 more | 23 Fedora, Glibc, Active Iq Unified Manager and 20 more | 2025-08-18 | 5.9 Medium |
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. | ||||
CVE-2023-4806 | 3 Fedoraproject, Gnu, Redhat | 24 Fedora, Glibc, Codeready Linux Builder Eus and 21 more | 2025-08-18 | 5.9 Medium |
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when an NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags. | ||||
CVE-2025-3631 | 1 Ibm | 2 Mq, Mq Appliance | 2025-08-18 | 6.5 Medium |
An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it. | ||||
CVE-2025-9020 | 1 Dronecode | 1 Px4 Drone Autopilot | 2025-08-16 | 4.5 Medium |
A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handle_message_serial_control of the file src/modules/mavlink/mavlink_receiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument _mavlink_shell leads to use after free. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of the patch is 4395d4f00c49b888f030f5b43e2a779f1fa78708. It is recommended to apply a patch to fix this issue. | ||||
CVE-2025-2013 | 1 Ashlar | 1 Cobalt | 2025-08-15 | N/A |
Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CO files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25186. | ||||
CVE-2025-53740 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-08-15 | 8.4 High |
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
CVE-2025-53735 | 1 Microsoft | 11 365, 365 Apps, Excel and 8 more | 2025-08-15 | 7.8 High |
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
CVE-2025-53734 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2025-08-15 | 7.8 High |
Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | ||||
CVE-2025-53731 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-08-15 | 8.4 High |
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |