Skip to main content

Memory Corruption

15288 CVEs technique

Monthly

CVE-2025-47363 MEDIUM This Month

Memory corruption when calculating oversized partition sizes without proper checks. [CVSS 6.8 MEDIUM]

Memory Corruption Sa8255p Firmware Sa8150p Firmware Qamsrv1m Firmware Qca6696 Firmware +31
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-47359 HIGH This Week

Memory Corruption when multiple threads simultaneously access a memory free API. [CVSS 7.8 HIGH]

Memory Corruption Sc8180xp Ad Firmware Wsa8845h Firmware Qca6420 Firmware Wcd9385 Firmware +33
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47358 HIGH This Week

Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently. [CVSS 7.8 HIGH]

Linux Memory Corruption X2000092 Firmware Snapdragon 8cx Gen 3 Compute Platform Firmware X2000086 Firmware +18
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20415 MEDIUM This Month

Android versions up to 15.0 contains a vulnerability that allows attackers to local denial of service if a malicious actor has already obtained the System pri (CVSS 5.5).

Memory Corruption Denial Of Service Android Google
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-1457 HIGH This Week

Remote code execution in TP-Link VIGI C385 cameras results from improper input validation in the Web API that allows authenticated attackers to trigger buffer overflows and corrupt memory. An attacker with valid credentials can exploit this vulnerability to execute arbitrary code with elevated privileges on affected devices. No patch is currently available for this high-severity issue.

TP-Link RCE Buffer Overflow Memory Corruption Vigi C385 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2020-37011 HIGH POC This Week

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. [CVSS 7.5 HIGH]

Memory Corruption Buffer Overflow
NVD Exploit-DB VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-24857 CRITICAL POC Act Now

bulk_extractor digital forensics tool starting from version 1.4 has a heap buffer overflow in its embedded unrar code that can be triggered by crafted RAR archives.

Industrial Memory Corruption Denial Of Service Bulk Extractor Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-24869 HIGH PATCH This Week

Firefox versions prior to 147.0.2 contain a use-after-free vulnerability in the Layout: Scrolling and Overflow component that can be triggered by user interaction, allowing remote attackers to achieve code execution with high integrity and confidentiality impact. The vulnerability requires network access and user interaction but does not require authentication, making it exploitable through malicious web content. No patch is currently available for this vulnerability.

Use After Free Memory Corruption Buffer Overflow Mozilla
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-69419 HIGH PATCH This Week

Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. [CVSS 7.4 HIGH]

OpenSSL Memory Corruption Denial Of Service Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
7.4
EPSS
0.1%
CVE-2025-68160 MEDIUM PATCH This Month

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. [CVSS 4.7 MEDIUM]

OpenSSL Memory Corruption Denial Of Service Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-66199 MEDIUM POC PATCH This Month

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. [CVSS 5.9 MEDIUM]

OpenSSL TLS Memory Corruption Denial Of Service Information Disclosure +2
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-15467 HIGH POC PATCH CISA Act Now

OpenSSL has a critical out-of-bounds write when parsing CMS AuthEnvelopedData/EnvelopedData with malicious AEAD parameters, enabling potential RCE.

OpenSSL RCE Buffer Overflow Memory Corruption
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.0%
Threat
5.3
CVE-2026-1489 MEDIUM PATCH CISA This Month

GLib's Unicode case conversion function contains an integer overflow flaw that causes undersized memory allocation when processing extremely large strings, enabling out-of-bounds writes. Applications using GLib for string operations could experience crashes or instability when exposed to specially crafted input. No patch is currently available for this medium-severity vulnerability.

Memory Corruption Buffer Overflow
NVD VulDB
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-1484 MEDIUM PATCH CISA This Month

GLib's Base64 encoder miscalculates buffer boundaries when handling extremely large inputs due to integer type misuse, potentially causing out-of-bounds memory writes. Applications processing untrusted large Base64 data could experience crashes or unpredictable behavior, though code execution is not indicated by the vector constraints. No patch is currently available for this medium-severity vulnerability.

Buffer Overflow Memory Corruption
NVD VulDB
CVSS 3.1
4.2
EPSS
0.1%
CVE-2026-23013 HIGH PATCH This Week

The Linux kernel's Octeon EP VF driver contains a use-after-free vulnerability in IRQ error handling where mismatched device IDs between request_irq() and free_irq() calls can leave IRQ handlers registered after their associated memory is freed. A local attacker with standard privileges can trigger an interrupt after the vulnerable ioq_vector structure is deallocated, causing a kernel crash or potential code execution. No patch is currently available.

Linux Use After Free Denial Of Service Memory Corruption Red Hat +1
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-23012 HIGH PATCH This Week

A use-after-free vulnerability in Linux kernel DAMON subsystem allows local users with sysfs write permissions to trigger memory corruption by calling damon_call() against inactive contexts, causing dangling pointers in the call_controls list. An attacker could leverage this to achieve information disclosure or denial of service, though exploitation complexity is moderate due to permission requirements. The vulnerability currently lacks a patch and affects Linux kernel versions with the vulnerable DAMON code.

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23010 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's IPv6 address deletion function allows local attackers with user privileges to corrupt memory and potentially execute arbitrary code or cause a denial of service. The flaw occurs when ipv6_del_addr() is called prematurely before temporary address flags are read, leaving a dangling pointer reference. No patch is currently available for this high-severity vulnerability affecting Linux systems.

Linux Use After Free Information Disclosure Memory Corruption Google
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23001 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's macvlan driver allows local attackers with user privileges to cause memory corruption and potential privilege escalation through improper RCU synchronization in the macvlan_forward_source() function. The flaw stems from missing RCU protection when clearing vlan pointers during source entry deletion, enabling attackers to access freed memory structures. No patch is currently available for this HIGH severity vulnerability affecting Linux distributions.

Linux Google Use After Free Memory Corruption Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71162 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Tegra ADMA driver when audio streams are terminated, particularly during XRUN conditions. [CVSS 7.8 HIGH]

Linux Use After Free Denial Of Service Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24403 HIGH POC PATCH This Week

Integer overflow in iccDEV's ICC profile parsing (versions 2.3.1.1 and below) allows remote attackers to corrupt memory or trigger denial of service by crafting malicious profile headers with tampered tag tables or offset fields, with public exploit code available. The vulnerability can potentially enable arbitrary code execution or bypass security checks in applications using affected iccDEV libraries. Users should upgrade to version 2.3.1.2 or later to remediate this risk.

Integer Overflow Memory Corruption Iccdev
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-22980 HIGH PATCH This Week

The Linux kernel NFSv4 grace period handler contains a use-after-free vulnerability in the v4_end_grace function that can be triggered by local attackers with unprivileged access, allowing them to read or modify sensitive kernel memory or cause a denial of service. The vulnerability arises from improper synchronization between the grace period shutdown logic and the NFSv4 client tracking mechanism, which can result in memory being accessed after it has been freed. A patch is available to add proper locking that prevents concurrent access to the vulnerable code path.

Linux Use After Free Memory Corruption Authentication Bypass
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71155 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: Fix gmap_helper_zap_one_page() again A few checks were missing in gmap_helper_zap_one_page(), which can lead to memory corruption in the guest under specific circumstances. Add the missing checks. [CVSS 7.8 HIGH]

Linux Memory Corruption Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-69764 CRITICAL POC Act Now

Tenda AX3 firmware has another stack-based buffer overflow in formGetIptv through a different input path, enabling remote code execution.

RCE Buffer Overflow Stack Overflow Memory Corruption Ax3 Firmware +1
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69209 This Week

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large `decimalPlaces` values to the affected String constructors or concat methods, the `dtostrf` function writes beyond fixed-size stack buffers, causing memory corruption and denial of service. Under speci...

Github Buffer Overflow Stack Overflow Memory Corruption Denial Of Service +1
NVD GitHub
EPSS
0.0%
CVE-2025-69766 CRITICAL POC Act Now

Tenda AX3 firmware has a third stack-based buffer overflow in formGetIptv, allowing unauthenticated remote code execution through the router's web interface.

RCE Buffer Overflow Stack Overflow Memory Corruption Ax3 Firmware +1
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-69763 CRITICAL POC Act Now

Tenda AX3 firmware has a second stack overflow in formSetIptv via the vlanId parameter, allowing remote code execution through the IPTV configuration endpoint.

RCE Stack Overflow Memory Corruption Ax3 Firmware Tenda
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-69762 CRITICAL POC Act Now

Tenda AX3 firmware v16.03.12.11 has a stack overflow in formSetIptv via the list parameter, enabling remote attackers to crash the router or execute arbitrary code.

RCE Stack Overflow Memory Corruption Ax3 Firmware Tenda
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2026-23884 HIGH POC PATCH This Week

Denial of service and potential remote code execution affects FreeRDP RDP clients prior to version 3.21.0, where deleting an offscreen bitmap leaves the gdi->drawing pointer referencing freed memory and subsequent update packets trigger a use-after-free (CWE-416). A malicious or compromised RDP server can drive a connected client into the freed-memory access, reliably crashing it and potentially corrupting the heap for code execution depending on allocator state. Publicly available exploit code exists, though EPSS exploitation probability is low (0.17%, 38th percentile) and the issue is not listed in CISA KEV.

Use After Free Denial Of Service Freerdp Memory Corruption
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.2%
CVE-2026-23883 HIGH POC PATCH This Week

Client-side denial of service in the FreeRDP RDP client (X11 frontend) prior to version 3.21.0 lets a malicious or compromised RDP server crash the connecting client and potentially corrupt its heap. The flaw is a double-free of the cursor pixel buffer in xf_Pointer_New: on an allocation/setup failure the function frees cursorPixels, and a later pointer_free call invokes xf_Pointer_Free which frees the same buffer again (CWE-416 use-after-free/double-free). Publicly available exploit code exists and an EPSS of 0.17% indicates currently low probability of widespread exploitation; impact is rated availability-only (VA:H), though the description notes heap-corruption could escalate to code execution depending on allocator behavior.

Use After Free Denial Of Service Freerdp Memory Corruption
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.2%
CVE-2025-13845 HIGH This Week

CWE-416: Use After Free vulnerability that could cause remote code execution when the end user imports the malicious project file (SSD file) into Rapsody.

RCE Use After Free Denial Of Service Memory Corruption Ecostruxure Power Build Rapsody
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-13844 MEDIUM This Month

CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody. [CVSS 5.3 MEDIUM]

Memory Corruption Ecostruxure Power Build Rapsody
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22853 MEDIUM POC PATCH This Month

FreeRDP RDPEAR NDR array reader has a heap overflow due to missing bounds checking on element counts. Malicious RDP server can overwrite heap memory. PoC available. Fixed in 3.20.1.

Buffer Overflow Freerdp Memory Corruption
NVD GitHub VulDB
CVSS 4.0
6.8
EPSS
0.1%
CVE-2026-22852 CRITICAL POC PATCH Act Now

FreeRDP client before 3.20.1 has a heap buffer overflow in AUDIN format processing. A malicious RDP server can corrupt memory and crash the client. PoC available.

Memory Corruption Denial Of Service Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-22211 MEDIUM This Month

TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack.

Buffer Overflow Memory Corruption Denial Of Service Information Disclosure
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-71137 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size (rx_pending) is not set below the permitted length.

Linux Buffer Overflow Memory Corruption Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-71110 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in defer_free() before accessing freed memory When CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free() before defer_free().

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71109 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 ("MIPS: Tracing: Reduce the overhead of dynamic Function Tracer"), the macro UASM_i_LA_mostly has been used, and this macro can generate more than 2 instructions.

Linux Buffer Overflow Memory Corruption Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-71099 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl() In xe_oa_add_config_ioctl(), we accessed oa_config->id after dropping metrics_lock.

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71092 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update") added three new counters and placed them after BNXT_RE_OUT_OF_SEQ_ERR.

Linux Buffer Overflow Memory Corruption Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71075 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asd_pci_remove() function fails to synchronize with pending tasklets before freeing the asd_ha structure, leading to a potential use-after-free vulnerability.

Linux Use After Free Memory Corruption Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-71073 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd - disable pending work before freeing device lkkbd_interrupt() schedules lk->tq via schedule_work(), and the work handler lkkbd_reinit() dereferences the lkkbd structure and its serio/input_dev fields.

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71071 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors.

Linux Use After Free Mediatek Memory Corruption Information Disclosure +3
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-68792 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in name_size 'name_size' does not have any range checks, and it just directly indexes with TPM_ALG_ID, which could lead into memory corruption at worst.

Linux Memory Corruption Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-0885 MEDIUM PATCH This Month

Memory corruption in Firefox and Thunderbird's JavaScript garbage collection engine allows remote attackers to crash the application or potentially leak sensitive information without user interaction. The vulnerability affects Firefox versions below 147, Firefox ESR below 140.7, Thunderbird below 147, and Thunderbird ESR below 140.7, with no patch currently available.

Use After Free Memory Corruption Mozilla Information Disclosure
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-0884 CRITICAL PATCH Act Now

Firefox JavaScript engine has a use-after-free vulnerability. Affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147 and < 140.7.

Use After Free Memory Corruption Mozilla Information Disclosure
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-0882 HIGH PATCH This Week

A use-after-free vulnerability in the IPC component of Firefox (versions below 147 and ESR versions below 115.32/140.7) and Thunderbird (versions below 147 and 140.7) enables remote code execution when users interact with malicious content. The flaw requires user interaction and network access, allowing attackers to achieve full system compromise with high integrity and confidentiality impact. No patch is currently available for this vulnerability.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-69195 HIGH PATCH This Week

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. [CVSS 7.6 HIGH]

Buffer Overflow Stack Overflow Memory Corruption Denial Of Service Wget2 +2
NVD
CVSS 3.1
7.6
EPSS
0.1%
CVE-2026-21869 HIGH POC This Week

Llama.cpp server endpoints fail to validate the n_discard parameter from JSON input, allowing negative values that trigger out-of-bounds memory writes when the context buffer fills. This memory corruption vulnerability affects LLM inference operations and can be exploited remotely without authentication to crash the service or achieve code execution; public exploit code exists and no patch is currently available.

RCE Memory Corruption Denial Of Service AI / ML Llama.Cpp +2
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-22184 MEDIUM PATCH This Month

Local privilege escalation in zlib 1.3.1.2 and earlier allows authenticated users to achieve arbitrary code execution through a buffer overflow in the contrib/untgz utility when processing command-line arguments with excessively long archive names. The vulnerability affects only the standalone untgz demonstration tool and does not impact the core zlib library. No patch is currently available.

Buffer Overflow Memory Corruption Zlib
NVD GitHub VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2025-47396 HIGH PATCH This Week

Memory corruption occurs when a secure application is launched on a device with insufficient memory. [CVSS 7.8 HIGH]

Memory Corruption Snapdragon Ar1 Gen 1 Platform Firmware Wcd9395 Firmware Wcn3950 Firmware Wcn7750 Firmware +39
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47394 HIGH PATCH This Week

Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations. [CVSS 7.8 HIGH]

Memory Corruption Sg6150 Firmware Snapdragon 6 Gen 1 Mobile Platform Firmware Video Collaboration Vc1 Platform Firmware Wcn7881 Firmware +40
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47393 HIGH This Week

Memory corruption when accessing resources in kernel driver. [CVSS 7.8 HIGH]

Linux Memory Corruption Qamsrv1h Firmware Qca6595 Firmware Qam8775p Firmware +15
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47388 HIGH PATCH This Week

Memory corruption while passing pages to DSP with an unaligned starting address. [CVSS 7.8 HIGH]

Memory Corruption Sm6475 Firmware Fastconnect 6200 Firmware Wsa8845h Firmware Wcd9370 Firmware +40
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47380 HIGH This Week

Memory corruption while preprocessing IOCTLs in sensors. [CVSS 7.8 HIGH]

Memory Corruption Wsa8845 Firmware Wsa8840 Firmware Wcd9378c Firmware X2000090 Firmware +10
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47356 HIGH This Week

Memory Corruption when multiple threads concurrently access and modify shared resources. [CVSS 7.8 HIGH]

Memory Corruption Fastconnect 7800 Firmware Wcd9385 Firmware Cologne Firmware Wsa8840 Firmware +15
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47348 HIGH This Week

Memory corruption while processing identity credential operations in the trusted application. [CVSS 7.8 HIGH]

Memory Corruption Qca6696 Firmware Qamsrv1m Firmware Qam8620p Firmware Qca6688aq Firmware +181
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47346 HIGH This Week

Memory corruption while processing a secure logging command in the trusted application. [CVSS 7.8 HIGH]

Memory Corruption Sm4635 Firmware Wcn7881 Firmware Ar8035 Firmware Fastconnect 7800 Firmware +108
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47344 MEDIUM PATCH This Month

Memory corruption while handling sensor utility operations. [CVSS 6.7 MEDIUM]

Memory Corruption Wcd9335 Firmware Snapdragon 695 5g Mobile Platform Firmware Qca6698aq Firmware Fastconnect 7800 Firmware +75
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47343 HIGH This Week

Video Collaboration Vc3 Platform Firmware versions up to - contains a security vulnerability (CVSS 7.8).

Memory Corruption Fastconnect 6700 Firmware Xg101039 Firmware Fastconnect 6900 Firmware X2000086 Firmware +21
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47339 HIGH This Week

Memory corruption while deinitializing a HDCP session. [CVSS 7.8 HIGH]

Memory Corruption Qca6174a Firmware Qca6678aq Firmware Qca9990 Firmware Qcn6274 Firmware +180
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47337 MEDIUM PATCH This Month

Memory corruption while accessing a synchronization object during concurrent operations. [CVSS 6.7 MEDIUM]

Memory Corruption Qca6797aq Firmware Qcm5430 Firmware Qca6698aq Firmware Qcs5430 Firmware +58
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47336 MEDIUM PATCH This Month

Memory corruption while performing sensor register read operations. [CVSS 6.7 MEDIUM]

Memory Corruption Fastconnect 7800 Firmware Sm8735 Firmware Wsa8845 Firmware Sm8750 Firmware +14
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47335 MEDIUM PATCH This Month

Memory corruption while parsing clock configuration data for a specific hardware type. [CVSS 6.7 MEDIUM]

Memory Corruption Fastconnect 6700 Firmware Sm6650 Firmware Wsa8840 Firmware Wsa8830 Firmware +41
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47334 MEDIUM PATCH This Month

Memory corruption while processing shared command buffer packet between camera userspace and kernel. [CVSS 6.7 MEDIUM]

Linux Memory Corruption Sm8635p Firmware Wcn7881 Firmware Sm6650 Firmware +132
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47333 MEDIUM PATCH This Month

Memory corruption while handling buffer mapping operations in the cryptographic driver. [CVSS 6.6 MEDIUM]

Memory Corruption Snapdragon 778g 5g Mobile Platform Firmware Sa6150p Firmware Qam8650p Firmware Qfw7114 Firmware +217
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-47332 MEDIUM PATCH This Month

Memory corruption while processing a config call from userspace. [CVSS 6.7 MEDIUM]

Memory Corruption Wsa8815 Firmware Sm8635p Firmware Sm7635p Firmware Sm7550p Firmware +66
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20806 MEDIUM This Month

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20805 MEDIUM This Month

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20804 MEDIUM This Month

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20803 MEDIUM This Month

In dpe, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Integer Overflow Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20802 MEDIUM This Month

In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20799 HIGH This Week

In c2ps, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 7.8 HIGH]

Use After Free Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20787 MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20786 MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation Denial Of Service Buffer Overflow
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20785 MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20784 MEDIUM This Month

Android versions up to 14.0 contains a vulnerability that allows attackers to local escalation of privilege if a malicious actor has already obtained the Syst (CVSS 6.7).

Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20781 HIGH This Week

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 7.8 HIGH]

Use After Free Memory Corruption Privilege Escalation Denial Of Service Buffer Overflow
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20780 HIGH This Week

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 7.8 HIGH]

Use After Free Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-66023 MEDIUM PATCH This Month

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.5 have a Heap-Use-After-Free (UAF) vulnerability within the MQTT bridge client component (implemented via the underlying NanoNNG library). [CVSS 4.9 MEDIUM]

Use After Free Memory Corruption Denial Of Service Nanomq
NVD GitHub
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-14739 MEDIUM This Month

Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack and potentially arbitrary code execution under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316, ≤ WR941ND v6 3.16.9 Build 151203.

Memory Corruption TP-Link RCE
NVD
CVSS 4.0
6.8
EPSS
0.0%
CVE-2025-14860 CRITICAL PATCH Act Now

Remote code execution in Mozilla Firefox via use-after-free in Disability Access APIs allows unauthenticated network attackers to compromise browser integrity with high impact. The vulnerability (CWE-416) affects Firefox versions prior to 146.0.1 and requires no user interaction or special privileges. With CVSS 9.8 (Critical) but low EPSS (0.07%, 21st percentile), real-world exploitation probability remains limited despite theoretical severity. No public exploit identified at time of analysis, and vendor-released patch 146.0.1 available.

Memory Corruption Mozilla Use After Free Information Disclosure Suse
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-43529 HIGH KEV PATCH THREAT Act Now

WebKit arbitrary code execution via use-after-free memory corruption affects Safari 26.2, iOS/iPadOS 18.7.3 through 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, and watchOS 26.2, allowing remote attackers to execute arbitrary code by convincing users to visit malicious websites. This vulnerability is confirmed actively exploited (CISA KEV) in extremely sophisticated targeted attacks against specific individuals on iOS versions prior to iOS 26, per Apple's security bulletin. EPSS score of 0.12% (32nd percentile) significantly understates real-world risk given confirmed exploitation. Related vulnerability CVE-2025-14174 was issued for the same exploitation campaign, suggesting a complex attack chain targeting Apple ecosystem users.

Apple Use After Free RCE Memory Corruption Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-43539 HIGH This Week

Memory corruption via out-of-bounds write in Apple operating systems allows remote attackers to execute arbitrary code when victims process a malicious file. The vulnerability affects macOS (Sonoma 14.x, Sequoia 15.x, Tahoe 26.x), iOS/iPadOS (18.x, 26.x), tvOS, visionOS, and watchOS 26.x. Despite a high CVSS score of 8.8, EPSS data indicates only 0.05% exploitation probability (15th percentile), and no public exploit code or active exploitation is confirmed. The flaw stems from inadequate bounds checking (CWE-787) in file processing routines, requiring user interaction but no authentication, making it a realistic phishing or malicious download target.

Apple iOS macOS Memory Corruption
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-43532 LOW Monitor

Memory corruption in Apple operating systems due to insufficient bounds checking allows local authenticated users to cause denial of service through malicious data processing, affecting iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. The vulnerability requires local access and user interaction, with no public exploit identified; EPSS score of 0.02% indicates minimal real-world exploitation probability despite the assigned CVSS score of 2.8.

Apple iOS macOS Memory Corruption Denial Of Service
NVD
CVSS 3.1
2.8
EPSS
0.0%
CVE-2025-43520 MEDIUM POC KEV THREAT This Month

Apple kernel memory corruption in multiple operating systems allows a malicious application to cause unexpected system termination or write kernel memory via an out-of-bounds write flaw addressed in watchOS 26.1, iOS 18.7.2, and macOS Tahoe 26.1.

Buffer Overflow Apple Memory Corruption
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
Threat
4.1
CVE-2025-43511 MEDIUM PATCH This Month

Use-after-free memory corruption in Apple WebKit allows remote attackers to crash Safari and iOS/iPadOS applications via maliciously crafted web content, resulting in denial of service. The vulnerability affects Safari 26.2, iOS 18.7.2 and 26.2, iPadOS 18.7.2 and 26.2, macOS Tahoe 26.2, visionOS 26.2, and watchOS 26.2. No public exploit code has been identified, and the vulnerability is not confirmed as actively exploited; however, the network-accessible attack vector and low complexity make it a moderate priority despite the low EPSS score.

Apple Use After Free Denial Of Service Ipados Iphone Os +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-43402 HIGH This Week

Memory corruption in macOS kernel allows authenticated local users to execute arbitrary code or crash the system. Apple fixed the vulnerability via improved memory handling in macOS Sequoia 15.7.4, Sonoma 14.8.4, and Tahoe 26.1. With CVSS 7.8 (High severity) reflecting local attack vector requiring low privileges, and EPSS at 0.01% (2nd percentile), this represents a moderate real-world risk despite high CVSS scoring. No public exploit identified at time of analysis, and no evidence of active exploitation (not in CISA KEV).

Apple macOS Memory Corruption Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-66590 HIGH This Week

Out-of-bounds write in AzeoTech DAQFactory release 20.7 (Build 2555) enables arbitrary code execution or denial of service when a local user opens or interacts with attacker-supplied content. The flaw was reported through CISA ICS-CERT and disclosed in ICS advisory ICSA-25-345-03, indicating ICS/SCADA operational technology impact, though no public exploit identified at time of analysis and no CISA KEV listing exists.

Memory Corruption Buffer Overflow RCE Daqfactory
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.2%
CVE-2025-66588 HIGH This Week

Arbitrary code execution in AzeoTech DAQFactory release 20.7 (Build 2555) is possible when a local user opens or interacts with attacker-supplied content that triggers an access-of-uninitialized-pointer condition. The flaw was reported through CISA ICS-CERT and is tracked in ICS advisory ICSA-25-345-03; no public exploit identified at time of analysis and the CVSS 4.0 vector (AV:L/AC:L/PR:N/UI:A) indicates local vector with required user interaction rather than remote network exploitation.

Memory Corruption RCE Daqfactory
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.2%
CVE-2025-66586 HIGH This Week

Type confusion in AzeoTech DAQFactory 20.7 (Build 2555) enables arbitrary code execution when a user opens a maliciously crafted .ctl project file, corrupting memory in the parser and running attacker-controlled code in the process context. Reported through CISA ICS-CERT and tracked in ICS advisory ICSA-25-345-03, the flaw affects industrial data acquisition and HMI deployments; no public exploit identified at time of analysis and EPSS data was not provided.

Memory Corruption Buffer Overflow Daqfactory
NVD GitHub VulDB
CVSS 4.0
7.3
EPSS
0.0%
EPSS 0% CVSS 6.8
MEDIUM This Month

Memory corruption when calculating oversized partition sizes without proper checks. [CVSS 6.8 MEDIUM]

Memory Corruption Sa8255p Firmware Sa8150p Firmware +33
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption when multiple threads simultaneously access a memory free API. [CVSS 7.8 HIGH]

Memory Corruption Sc8180xp Ad Firmware Wsa8845h Firmware +35
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently. [CVSS 7.8 HIGH]

Linux Memory Corruption X2000092 Firmware +20
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Android versions up to 15.0 contains a vulnerability that allows attackers to local denial of service if a malicious actor has already obtained the System pri (CVSS 5.5).

Memory Corruption Denial Of Service Android +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Remote code execution in TP-Link VIGI C385 cameras results from improper input validation in the Web API that allows authenticated attackers to trigger buffer overflows and corrupt memory. An attacker with valid credentials can exploit this vulnerability to execute arbitrary code with elevated privileges on affected devices. No patch is currently available for this high-severity issue.

TP-Link RCE Buffer Overflow +2
NVD
EPSS 0% CVSS 8.4
HIGH POC This Week

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. [CVSS 7.5 HIGH]

Memory Corruption Buffer Overflow
NVD Exploit-DB VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

bulk_extractor digital forensics tool starting from version 1.4 has a heap buffer overflow in its embedded unrar code that can be triggered by crafted RAR archives.

Industrial Memory Corruption Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Firefox versions prior to 147.0.2 contain a use-after-free vulnerability in the Layout: Scrolling and Overflow component that can be triggered by user interaction, allowing remote attackers to achieve code execution with high integrity and confidentiality impact. The vulnerability requires network access and user interaction but does not require authentication, making it exploitable through malicious web content. No patch is currently available for this vulnerability.

Use After Free Memory Corruption Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. [CVSS 7.4 HIGH]

OpenSSL Memory Corruption Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. [CVSS 4.7 MEDIUM]

OpenSSL Memory Corruption Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 5.9
MEDIUM POC PATCH This Month

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. [CVSS 5.9 MEDIUM]

OpenSSL TLS Memory Corruption +4
NVD GitHub VulDB
EPSS 1% 5.3 CVSS 8.8
HIGH POC PATCH Act Now

OpenSSL has a critical out-of-bounds write when parsing CMS AuthEnvelopedData/EnvelopedData with malicious AEAD parameters, enabling potential RCE.

OpenSSL RCE Buffer Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

GLib's Unicode case conversion function contains an integer overflow flaw that causes undersized memory allocation when processing extremely large strings, enabling out-of-bounds writes. Applications using GLib for string operations could experience crashes or instability when exposed to specially crafted input. No patch is currently available for this medium-severity vulnerability.

Memory Corruption Buffer Overflow
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

GLib's Base64 encoder miscalculates buffer boundaries when handling extremely large inputs due to integer type misuse, potentially causing out-of-bounds memory writes. Applications processing untrusted large Base64 data could experience crashes or unpredictable behavior, though code execution is not indicated by the vector constraints. No patch is currently available for this medium-severity vulnerability.

Buffer Overflow Memory Corruption
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The Linux kernel's Octeon EP VF driver contains a use-after-free vulnerability in IRQ error handling where mismatched device IDs between request_irq() and free_irq() calls can leave IRQ handlers registered after their associated memory is freed. A local attacker with standard privileges can trigger an interrupt after the vulnerable ioq_vector structure is deallocated, causing a kernel crash or potential code execution. No patch is currently available.

Linux Use After Free Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability in Linux kernel DAMON subsystem allows local users with sysfs write permissions to trigger memory corruption by calling damon_call() against inactive contexts, causing dangling pointers in the call_controls list. An attacker could leverage this to achieve information disclosure or denial of service, though exploitation complexity is moderate due to permission requirements. The vulnerability currently lacks a patch and affects Linux kernel versions with the vulnerable DAMON code.

Linux Use After Free Information Disclosure +4
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's IPv6 address deletion function allows local attackers with user privileges to corrupt memory and potentially execute arbitrary code or cause a denial of service. The flaw occurs when ipv6_del_addr() is called prematurely before temporary address flags are read, leaving a dangling pointer reference. No patch is currently available for this high-severity vulnerability affecting Linux systems.

Linux Use After Free Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's macvlan driver allows local attackers with user privileges to cause memory corruption and potential privilege escalation through improper RCU synchronization in the macvlan_forward_source() function. The flaw stems from missing RCU protection when clearing vlan pointers during source entry deletion, enabling attackers to access freed memory structures. No patch is currently available for this HIGH severity vulnerability affecting Linux distributions.

Linux Google Use After Free +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Tegra ADMA driver when audio streams are terminated, particularly during XRUN conditions. [CVSS 7.8 HIGH]

Linux Use After Free Denial Of Service +1
NVD VulDB
EPSS 0% CVSS 7.1
HIGH POC PATCH This Week

Integer overflow in iccDEV's ICC profile parsing (versions 2.3.1.1 and below) allows remote attackers to corrupt memory or trigger denial of service by crafting malicious profile headers with tampered tag tables or offset fields, with public exploit code available. The vulnerability can potentially enable arbitrary code execution or bypass security checks in applications using affected iccDEV libraries. Users should upgrade to version 2.3.1.2 or later to remediate this risk.

Integer Overflow Memory Corruption Iccdev
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Linux kernel NFSv4 grace period handler contains a use-after-free vulnerability in the v4_end_grace function that can be triggered by local attackers with unprivileged access, allowing them to read or modify sensitive kernel memory or cause a denial of service. The vulnerability arises from improper synchronization between the grace period shutdown logic and the NFSv4 client tracking mechanism, which can result in memory being accessed after it has been freed. A patch is available to add proper locking that prevents concurrent access to the vulnerable code path.

Linux Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: Fix gmap_helper_zap_one_page() again A few checks were missing in gmap_helper_zap_one_page(), which can lead to memory corruption in the guest under specific circumstances. Add the missing checks. [CVSS 7.8 HIGH]

Linux Memory Corruption Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AX3 firmware has another stack-based buffer overflow in formGetIptv through a different input path, enabling remote code execution.

RCE Buffer Overflow Stack Overflow +3
NVD
EPSS 0%
This Week

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large `decimalPlaces` values to the affected String constructors or concat methods, the `dtostrf` function writes beyond fixed-size stack buffers, causing memory corruption and denial of service. Under speci...

Github Buffer Overflow Stack Overflow +3
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AX3 firmware has a third stack-based buffer overflow in formGetIptv, allowing unauthenticated remote code execution through the router's web interface.

RCE Buffer Overflow Stack Overflow +3
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AX3 firmware has a second stack overflow in formSetIptv via the vlanId parameter, allowing remote code execution through the IPTV configuration endpoint.

RCE Stack Overflow Memory Corruption +2
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AX3 firmware v16.03.12.11 has a stack overflow in formSetIptv via the list parameter, enabling remote attackers to crash the router or execute arbitrary code.

RCE Stack Overflow Memory Corruption +2
NVD
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Denial of service and potential remote code execution affects FreeRDP RDP clients prior to version 3.21.0, where deleting an offscreen bitmap leaves the gdi->drawing pointer referencing freed memory and subsequent update packets trigger a use-after-free (CWE-416). A malicious or compromised RDP server can drive a connected client into the freed-memory access, reliably crashing it and potentially corrupting the heap for code execution depending on allocator state. Publicly available exploit code exists, though EPSS exploitation probability is low (0.17%, 38th percentile) and the issue is not listed in CISA KEV.

Use After Free Denial Of Service Freerdp +1
NVD GitHub VulDB
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Client-side denial of service in the FreeRDP RDP client (X11 frontend) prior to version 3.21.0 lets a malicious or compromised RDP server crash the connecting client and potentially corrupt its heap. The flaw is a double-free of the cursor pixel buffer in xf_Pointer_New: on an allocation/setup failure the function frees cursorPixels, and a later pointer_free call invokes xf_Pointer_Free which frees the same buffer again (CWE-416 use-after-free/double-free). Publicly available exploit code exists and an EPSS of 0.17% indicates currently low probability of widespread exploitation; impact is rated availability-only (VA:H), though the description notes heap-corruption could escalate to code execution depending on allocator behavior.

Use After Free Denial Of Service Freerdp +1
NVD GitHub VulDB
EPSS 0% CVSS 8.4
HIGH This Week

CWE-416: Use After Free vulnerability that could cause remote code execution when the end user imports the malicious project file (SSD file) into Rapsody.

RCE Use After Free Denial Of Service +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody. [CVSS 5.3 MEDIUM]

Memory Corruption Ecostruxure Power Build Rapsody
NVD
EPSS 0% CVSS 6.8
MEDIUM POC PATCH This Month

FreeRDP RDPEAR NDR array reader has a heap overflow due to missing bounds checking on element counts. Malicious RDP server can overwrite heap memory. PoC available. Fixed in 3.20.1.

Buffer Overflow Freerdp Memory Corruption
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

FreeRDP client before 3.20.1 has a heap buffer overflow in AUDIN format processing. A malicious RDP server can corrupt memory and crash the client. PoC available.

Memory Corruption Denial Of Service Freerdp +2
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM This Month

TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack.

Buffer Overflow Memory Corruption Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size (rx_pending) is not set below the permitted length.

Linux Buffer Overflow Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in defer_free() before accessing freed memory When CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free() before defer_free().

Linux Use After Free Information Disclosure +4
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 ("MIPS: Tracing: Reduce the overhead of dynamic Function Tracer"), the macro UASM_i_LA_mostly has been used, and this macro can generate more than 2 instructions.

Linux Buffer Overflow Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl() In xe_oa_add_config_ioctl(), we accessed oa_config->id after dropping metrics_lock.

Linux Use After Free Information Disclosure +4
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update") added three new counters and placed them after BNXT_RE_OUT_OF_SEQ_ERR.

Linux Buffer Overflow Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asd_pci_remove() function fails to synchronize with pending tasklets before freeing the asd_ha structure, leading to a potential use-after-free vulnerability.

Linux Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd - disable pending work before freeing device lkkbd_interrupt() schedules lk->tq via schedule_work(), and the work handler lkkbd_reinit() dereferences the lkkbd structure and its serio/input_dev fields.

Linux Use After Free Information Disclosure +4
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors.

Linux Use After Free Mediatek +5
NVD VulDB
EPSS 0%
PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in name_size 'name_size' does not have any range checks, and it just directly indexes with TPM_ALG_ID, which could lead into memory corruption at worst.

Linux Memory Corruption Linux Kernel
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory corruption in Firefox and Thunderbird's JavaScript garbage collection engine allows remote attackers to crash the application or potentially leak sensitive information without user interaction. The vulnerability affects Firefox versions below 147, Firefox ESR below 140.7, Thunderbird below 147, and Thunderbird ESR below 140.7, with no patch currently available.

Use After Free Memory Corruption Mozilla +1
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Firefox JavaScript engine has a use-after-free vulnerability. Affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147 and < 140.7.

Use After Free Memory Corruption Mozilla +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A use-after-free vulnerability in the IPC component of Firefox (versions below 147 and ESR versions below 115.32/140.7) and Thunderbird (versions below 147 and 140.7) enables remote code execution when users interact with malicious content. The flaw requires user interaction and network access, allowing attackers to achieve full system compromise with high integrity and confidentiality impact. No patch is currently available for this vulnerability.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 7.6
HIGH PATCH This Week

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. [CVSS 7.6 HIGH]

Buffer Overflow Stack Overflow Memory Corruption +4
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Llama.cpp server endpoints fail to validate the n_discard parameter from JSON input, allowing negative values that trigger out-of-bounds memory writes when the context buffer fills. This memory corruption vulnerability affects LLM inference operations and can be exploited remotely without authentication to crash the service or achieve code execution; public exploit code exists and no patch is currently available.

RCE Memory Corruption Denial Of Service +4
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

Local privilege escalation in zlib 1.3.1.2 and earlier allows authenticated users to achieve arbitrary code execution through a buffer overflow in the contrib/untgz utility when processing command-line arguments with excessively long archive names. The vulnerability affects only the standalone untgz demonstration tool and does not impact the core zlib library. No patch is currently available.

Buffer Overflow Memory Corruption Zlib
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption occurs when a secure application is launched on a device with insufficient memory. [CVSS 7.8 HIGH]

Memory Corruption Snapdragon Ar1 Gen 1 Platform Firmware Wcd9395 Firmware +41
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations. [CVSS 7.8 HIGH]

Memory Corruption Sg6150 Firmware Snapdragon 6 Gen 1 Mobile Platform Firmware +42
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when accessing resources in kernel driver. [CVSS 7.8 HIGH]

Linux Memory Corruption Qamsrv1h Firmware +17
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while passing pages to DSP with an unaligned starting address. [CVSS 7.8 HIGH]

Memory Corruption Sm6475 Firmware Fastconnect 6200 Firmware +42
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while preprocessing IOCTLs in sensors. [CVSS 7.8 HIGH]

Memory Corruption Wsa8845 Firmware Wsa8840 Firmware +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption when multiple threads concurrently access and modify shared resources. [CVSS 7.8 HIGH]

Memory Corruption Fastconnect 7800 Firmware Wcd9385 Firmware +17
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while processing identity credential operations in the trusted application. [CVSS 7.8 HIGH]

Memory Corruption Qca6696 Firmware Qamsrv1m Firmware +183
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while processing a secure logging command in the trusted application. [CVSS 7.8 HIGH]

Memory Corruption Sm4635 Firmware Wcn7881 Firmware +110
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while handling sensor utility operations. [CVSS 6.7 MEDIUM]

Memory Corruption Wcd9335 Firmware Snapdragon 695 5g Mobile Platform Firmware +77
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Video Collaboration Vc3 Platform Firmware versions up to - contains a security vulnerability (CVSS 7.8).

Memory Corruption Fastconnect 6700 Firmware Xg101039 Firmware +23
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while deinitializing a HDCP session. [CVSS 7.8 HIGH]

Memory Corruption Qca6174a Firmware Qca6678aq Firmware +182
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while accessing a synchronization object during concurrent operations. [CVSS 6.7 MEDIUM]

Memory Corruption Qca6797aq Firmware Qcm5430 Firmware +60
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while performing sensor register read operations. [CVSS 6.7 MEDIUM]

Memory Corruption Fastconnect 7800 Firmware Sm8735 Firmware +16
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while parsing clock configuration data for a specific hardware type. [CVSS 6.7 MEDIUM]

Memory Corruption Fastconnect 6700 Firmware Sm6650 Firmware +43
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while processing shared command buffer packet between camera userspace and kernel. [CVSS 6.7 MEDIUM]

Linux Memory Corruption Sm8635p Firmware +134
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Memory corruption while handling buffer mapping operations in the cryptographic driver. [CVSS 6.6 MEDIUM]

Memory Corruption Snapdragon 778g 5g Mobile Platform Firmware Sa6150p Firmware +219
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while processing a config call from userspace. [CVSS 6.7 MEDIUM]

Memory Corruption Wsa8815 Firmware Sm8635p Firmware +68
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In dpe, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Integer Overflow Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In c2ps, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 7.8 HIGH]

Use After Free Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation +2
NVD VulDB
EPSS 0% CVSS 6.7
MEDIUM This Month

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 6.7 MEDIUM]

Use After Free Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Android versions up to 14.0 contains a vulnerability that allows attackers to local escalation of privilege if a malicious actor has already obtained the Syst (CVSS 6.7).

Memory Corruption Privilege Escalation Android +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 7.8 HIGH]

Use After Free Memory Corruption Privilege Escalation +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. [CVSS 7.8 HIGH]

Use After Free Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.5 have a Heap-Use-After-Free (UAF) vulnerability within the MQTT bridge client component (implemented via the underlying NanoNNG library). [CVSS 4.9 MEDIUM]

Use After Free Memory Corruption Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack and potentially arbitrary code execution under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316, ≤ WR941ND v6 3.16.9 Build 151203.

Memory Corruption TP-Link RCE
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Remote code execution in Mozilla Firefox via use-after-free in Disability Access APIs allows unauthenticated network attackers to compromise browser integrity with high impact. The vulnerability (CWE-416) affects Firefox versions prior to 146.0.1 and requires no user interaction or special privileges. With CVSS 9.8 (Critical) but low EPSS (0.07%, 21st percentile), real-world exploitation probability remains limited despite theoretical severity. No public exploit identified at time of analysis, and vendor-released patch 146.0.1 available.

Memory Corruption Mozilla Use After Free +2
NVD
EPSS 0% CVSS 8.8
HIGH KEV PATCH THREAT Act Now

WebKit arbitrary code execution via use-after-free memory corruption affects Safari 26.2, iOS/iPadOS 18.7.3 through 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, and watchOS 26.2, allowing remote attackers to execute arbitrary code by convincing users to visit malicious websites. This vulnerability is confirmed actively exploited (CISA KEV) in extremely sophisticated targeted attacks against specific individuals on iOS versions prior to iOS 26, per Apple's security bulletin. EPSS score of 0.12% (32nd percentile) significantly understates real-world risk given confirmed exploitation. Related vulnerability CVE-2025-14174 was issued for the same exploitation campaign, suggesting a complex attack chain targeting Apple ecosystem users.

Apple Use After Free RCE +3
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Memory corruption via out-of-bounds write in Apple operating systems allows remote attackers to execute arbitrary code when victims process a malicious file. The vulnerability affects macOS (Sonoma 14.x, Sequoia 15.x, Tahoe 26.x), iOS/iPadOS (18.x, 26.x), tvOS, visionOS, and watchOS 26.x. Despite a high CVSS score of 8.8, EPSS data indicates only 0.05% exploitation probability (15th percentile), and no public exploit code or active exploitation is confirmed. The flaw stems from inadequate bounds checking (CWE-787) in file processing routines, requiring user interaction but no authentication, making it a realistic phishing or malicious download target.

Apple iOS macOS +1
NVD
EPSS 0% CVSS 2.8
LOW Monitor

Memory corruption in Apple operating systems due to insufficient bounds checking allows local authenticated users to cause denial of service through malicious data processing, affecting iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. The vulnerability requires local access and user interaction, with no public exploit identified; EPSS score of 0.02% indicates minimal real-world exploitation probability despite the assigned CVSS score of 2.8.

Apple iOS macOS +2
NVD
EPSS 0% 4.1 CVSS 5.5
MEDIUM POC KEV THREAT This Month

Apple kernel memory corruption in multiple operating systems allows a malicious application to cause unexpected system termination or write kernel memory via an out-of-bounds write flaw addressed in watchOS 26.1, iOS 18.7.2, and macOS Tahoe 26.1.

Buffer Overflow Apple Memory Corruption
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free memory corruption in Apple WebKit allows remote attackers to crash Safari and iOS/iPadOS applications via maliciously crafted web content, resulting in denial of service. The vulnerability affects Safari 26.2, iOS 18.7.2 and 26.2, iPadOS 18.7.2 and 26.2, macOS Tahoe 26.2, visionOS 26.2, and watchOS 26.2. No public exploit code has been identified, and the vulnerability is not confirmed as actively exploited; however, the network-accessible attack vector and low complexity make it a moderate priority despite the low EPSS score.

Apple Use After Free Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in macOS kernel allows authenticated local users to execute arbitrary code or crash the system. Apple fixed the vulnerability via improved memory handling in macOS Sequoia 15.7.4, Sonoma 14.8.4, and Tahoe 26.1. With CVSS 7.8 (High severity) reflecting local attack vector requiring low privileges, and EPSS at 0.01% (2nd percentile), this represents a moderate real-world risk despite high CVSS scoring. No public exploit identified at time of analysis, and no evidence of active exploitation (not in CISA KEV).

Apple macOS Memory Corruption +1
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Out-of-bounds write in AzeoTech DAQFactory release 20.7 (Build 2555) enables arbitrary code execution or denial of service when a local user opens or interacts with attacker-supplied content. The flaw was reported through CISA ICS-CERT and disclosed in ICS advisory ICSA-25-345-03, indicating ICS/SCADA operational technology impact, though no public exploit identified at time of analysis and no CISA KEV listing exists.

Memory Corruption Buffer Overflow RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 8.4
HIGH This Week

Arbitrary code execution in AzeoTech DAQFactory release 20.7 (Build 2555) is possible when a local user opens or interacts with attacker-supplied content that triggers an access-of-uninitialized-pointer condition. The flaw was reported through CISA ICS-CERT and is tracked in ICS advisory ICSA-25-345-03; no public exploit identified at time of analysis and the CVSS 4.0 vector (AV:L/AC:L/PR:N/UI:A) indicates local vector with required user interaction rather than remote network exploitation.

Memory Corruption RCE Daqfactory
NVD GitHub VulDB
EPSS 0% CVSS 7.3
HIGH This Week

Type confusion in AzeoTech DAQFactory 20.7 (Build 2555) enables arbitrary code execution when a user opens a maliciously crafted .ctl project file, corrupting memory in the parser and running attacker-controlled code in the process context. Reported through CISA ICS-CERT and tracked in ICS advisory ICSA-25-345-03, the flaw affects industrial data acquisition and HMI deployments; no public exploit identified at time of analysis and EPSS data was not provided.

Memory Corruption Buffer Overflow Daqfactory
NVD GitHub VulDB
Prev Page 23 of 170 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy