Total
6697 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1000217 | 1 Davegamble | 1 Cjson | 2025-07-22 | 7.5 HIGH | 9.8 CRITICAL |
| Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network interface then can be exploited over a network, otherwise just local.. This vulnerability appears to have been fixed in 1.7.4. | |||||
| CVE-2025-27056 | 1 Qualcomm | 50 Fastconnect 7800, Fastconnect 7800 Firmware, Qmp1000 and 47 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption during sub-system restart while processing clean-up to free up resources. | |||||
| CVE-2025-25568 | 1 Softether | 1 Vpn | 2025-07-19 | N/A | 9.8 CRITICAL |
| SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the CheckNetworkAcceptThread function. NOTE: the Supplier disputes this because the use-after-free is not in the VPN software, but is instead in a separate tool that has no untrusted input and runs under the user's own privileges (it is a stress-testing tool for a networking stack). | |||||
| CVE-2024-2612 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-07-17 | N/A | 8.1 HIGH |
| If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. | |||||
| CVE-2025-49703 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2025-07-16 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-49726 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-07-16 | N/A | 7.8 HIGH |
| Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-49725 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-07-16 | N/A | 7.8 HIGH |
| Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-49724 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-07-16 | N/A | 8.8 HIGH |
| Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-49733 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-07-16 | N/A | 7.8 HIGH |
| Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-7657 | 1 Google | 1 Chrome | 2025-07-16 | N/A | 8.8 HIGH |
| Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-49685 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2025-07-15 | N/A | 7.0 HIGH |
| Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-49677 | 1 Microsoft | 1 Windows 11 22h2 | 2025-07-15 | N/A | 7.0 HIGH |
| Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-49700 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-07-15 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-49699 | 1 Microsoft | 6 365 Apps, Office, Office Long Term Servicing Channel and 3 more | 2025-07-15 | N/A | 7.0 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-49698 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-07-15 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-49675 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-15 | N/A | 7.8 HIGH |
| Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-49695 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-07-15 | N/A | 8.4 HIGH |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-49665 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-15 | N/A | 7.8 HIGH |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-49711 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-07-15 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-49682 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 22h2 and 5 more | 2025-07-15 | N/A | 7.3 HIGH |
| Use after free in Windows Media allows an authorized attacker to elevate privileges locally. | |||||