Total
5557 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-47730 | 1 Linux | 1 Linux Kernel | 2025-03-13 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - inject error before stopping queue The master ooo cannot be completely closed when the accelerator core reports memory error. Therefore, the driver needs to inject the qm error to close the master ooo. Currently, the qm error is injected after stopping queue, memory may be released immediately after stopping queue, causing the device to access the released memory. Therefore, error is injected to close master ooo before stopping queue to ensure that the device does not access the released memory. | |||||
| CVE-2024-39494 | 1 Linux | 1 Linux Kernel | 2025-03-13 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its parent, ->i_rwsem exclusive on the parent's inode, rename_lock), but none of those are met at any of the sites. Take a stable snapshot of the name instead. | |||||
| CVE-2025-2013 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CO files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25186. | |||||
| CVE-2025-0151 | 2025-03-11 | N/A | 8.5 HIGH | ||
| Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. | |||||
| CVE-2025-26630 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-26629 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-24082 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-24081 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-24080 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-24079 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-24078 | 2025-03-11 | N/A | 7.0 HIGH | ||
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-24077 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-24072 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24064 | 2025-03-11 | N/A | 8.1 HIGH | ||
| Use after free in DNS Server allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-24046 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24044 | 2025-03-11 | N/A | 7.8 HIGH | ||
| Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2023-2985 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem. | |||||
| CVE-2023-23514 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-11 | N/A | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, macOS Big Sur 11.7.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-3141 | 3 Debian, Linux, Netapp | 3 Debian Linux, Linux Kernel, Hci Baseboard Management Controller | 2025-03-11 | N/A | 7.1 HIGH |
| A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. | |||||
| CVE-2023-3317 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 7.1 HIGH |
| A use-after-free flaw was found in mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an attacker to crash the system after 'features' memory release. This vulnerability could even lead to a kernel information leak problem. | |||||