Skip to main content
CVE-2020-36937 HIGH POC This Week

MEmusvc Windows service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

Windows
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36936 HIGH POC This Week

Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to inject malicious executables and gain elevated system privileges by placing a malicious file in the service path. [CVSS 7.8 HIGH]

Windows
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36934 HIGH POC This Week

DeepNetworkService contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).

Windows
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36935 HIGH POC This Week

Service KMSELDI configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36933 HIGH POC This Week

HTC IPTInstaller 4.0.9 contains an unquoted service path vulnerability in the PassThru Service configuration. Attackers can exploit the unquoted binary path to inject and execute malicious code with elevated LocalSystem privileges. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23012 HIGH PATCH This Week

A use-after-free vulnerability in Linux kernel DAMON subsystem allows local users with sysfs write permissions to trigger memory corruption by calling damon_call() against inactive contexts, causing dangling pointers in the call_controls list. An attacker could leverage this to achieve information disclosure or denial of service, though exploitation complexity is moderate due to permission requirements. The vulnerability currently lacks a patch and affects Linux kernel versions with the vulnerable DAMON code.

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23004 HIGH PATCH This Week

A race condition in Linux kernel routing code allows local authenticated attackers to cause a denial of service by triggering a kernel crash through unsynchronized list operations in rt6_uncached_list_del() and rt_del_uncached_list(). The vulnerability occurs when concurrent CPU operations on list data structures result in use-after-free conditions during list initialization. No patch is currently available for this medium-severity issue.

Linux Denial Of Service Google Race Condition
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23001 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's macvlan driver allows local attackers with user privileges to cause memory corruption and potential privilege escalation through improper RCU synchronization in the macvlan_forward_source() function. The flaw stems from missing RCU protection when clearing vlan pointers during source entry deletion, enabling attackers to access freed memory structures. No patch is currently available for this HIGH severity vulnerability affecting Linux distributions.

Linux Google Use After Free Memory Corruption Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23010 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's IPv6 address deletion function allows local attackers with user privileges to corrupt memory and potentially execute arbitrary code or cause a denial of service. The flaw occurs when ipv6_del_addr() is called prematurely before temporary address flags are read, leaving a dangling pointer reference. No patch is currently available for this high-severity vulnerability affecting Linux systems.

Linux Use After Free Information Disclosure Memory Corruption Google
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22999 HIGH PATCH This Week

The Linux kernel's QFQ packet scheduler contains a use-after-free vulnerability in the qfq_change_class() function that incorrectly frees class and qdisc objects during error conditions, potentially causing a crash or memory corruption. A local attacker with unprivileged access can trigger this vulnerability to achieve a denial of service. A patch is available to resolve this issue.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71162 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Tegra ADMA driver when audio streams are terminated, particularly during XRUN conditions. [CVSS 7.8 HIGH]

Linux Use After Free Denial Of Service Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22998 HIGH PATCH This Week

The Linux kernel's NVMe-TCP implementation fails to validate pointer initialization in nvmet_tcp_build_pdu_iovec(), allowing remote attackers to trigger NULL pointer dereferences and cause denial of service by sending H2C_DATA PDUs before completing proper command initialization. An unauthenticated network attacker can exploit this vulnerability to crash the kernel without requiring user interaction or special privileges.

Linux Null Pointer Dereference Denial Of Service
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-22997 HIGH PATCH This Week

The Linux kernel's CAN J1939 protocol implementation fails to properly deactivate sessions when receiving duplicate request-to-send messages, causing reference count leaks that prevent network device cleanup. A local attacker with user-level privileges can trigger this condition to cause a denial of service by exhausting kernel resources and preventing proper device unregistration. A patch is available to resolve the session lifecycle management issue.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-23013 HIGH PATCH This Week

The Linux kernel's Octeon EP VF driver contains a use-after-free vulnerability in IRQ error handling where mismatched device IDs between request_irq() and free_irq() calls can leave IRQ handlers registered after their associated memory is freed. A local attacker with standard privileges can trigger an interrupt after the vulnerable ioq_vector structure is deallocated, causing a kernel crash or potential code execution. No patch is currently available.

Linux Use After Free Denial Of Service Memory Corruption Red Hat +1
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy