Skip to main content

Memory Corruption

15289 CVEs technique

Monthly

CVE-2024-20142 MEDIUM This Month

In V5 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-21671 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zram_meta_alloc failed early, it frees allocated zram->table without setting it NULL. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-47900 HIGH This Month

Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-47899 HIGH This Month

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-47898 HIGH This Month

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-47891 HIGH This Month

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23969 HIGH This Month

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Home Flex Nema 14 50 Plug Firmware Home Flex Hardwired Firmware +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-0147 HIGH This Month

Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Privilege Escalation Meeting Software Development Kit Video Software Development Kit Workplace Desktop
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2025-0144 LOW Monitor

Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Memory Corruption Buffer Overflow Meeting Software Development Kit Rooms Rooms Controller +4
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2025-0143 MEDIUM Monitor

Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Meeting Software Development Kit Video Software Development Kit +1
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-12248 CRITICAL This Week

Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow
NVD
CVSS 4.0
9.3
EPSS
3.4%
CVE-2025-0762 HIGH PATCH This Month

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Memory Corruption Use After Free Denial Of Service Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-7695 HIGH This Month

Multiple switches are affected by an out-of-bounds write vulnerability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2024-40676 HIGH This Month

In checkKeyIntent of AccountManagerService.java, there is a possible way to bypass intent security check and install an unknown app due to a confused deputy. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2024-40670 HIGH This Month

In TBD of TBD, there is a possible use after free due to a race condition. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Privilege Escalation Android +1
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2024-40669 HIGH This Month

In TBD of TBD, there is a possible use after free due to a race condition. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Privilege Escalation Android +1
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2024-40651 HIGH This Month

In TBD of TBD, there is a possible use-after-free due to a logic error in the code. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Privilege Escalation Android Google
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2024-40649 HIGH This Month

In TBD of TBD, there is a possible use-after-free due to a logic error in the code. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Privilege Escalation Android Google
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2024-34748 HIGH This Month

In _DevmemXReservationPageAddress of devicemem_server.c, there is a possible use-after-free due to improper casting. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Privilege Escalation Android Google
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2018-9373 HIGH This Week

In TdlsexRxFrameHandle of the MTK WLAN driver, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-0150 HIGH PATCH This Month

NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Nvidia Microsoft +3
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-0147 MEDIUM PATCH This Month

NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Nvidia Microsoft Memory Corruption +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-12649 CRITICAL This Week

Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Memory Corruption Buffer Overflow RCE Mf455dw Firmware +21
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-12648 CRITICAL This Week

Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Memory Corruption Buffer Overflow RCE Mf455dw Firmware +21
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-12647 CRITICAL This Week

Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Memory Corruption Buffer Overflow RCE Mf455dw Firmware +21
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-24154 CRITICAL Act Now

An out-of-bounds write was addressed with improved input validation. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2025-24139 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24137 HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Apple
NVD
CVSS 3.1
8.0
EPSS
0.6%
CVE-2025-24129 HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Apple
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-24122 MEDIUM This Month

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple Intel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24118 HIGH This Month

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 27.0% and no vendor patch available.

Memory Corruption Buffer Overflow Apple Ipados macOS +1
NVD
CVSS 3.1
7.1
EPSS
27.0%
CVE-2025-24085 CRITICAL POC KEV THREAT Emergency

Apple CoreMedia contains a use-after-free vulnerability allowing malicious applications to elevate privileges, exploited in the wild against iOS versions before iOS 17.2 as part of targeted surveillance operations.

Memory Corruption Use After Free Apple Denial Of Service
NVD GitHub Exploit-DB VulDB
CVSS 3.1
10.0
EPSS
25.2%
Threat
5.8
CVE-2024-54543 HIGH PATCH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2024-54523 MEDIUM This Month

The issue was addressed with improved bounds checks. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-54522 HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-54517 HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-54509 HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-54507 MEDIUM This Month

A type confusion issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Apple
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-54499 HIGH This Week

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Apple
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-49043 HIGH PATCH This Week

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. Rated high severity (CVSS 8.1), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure Libxml2 Red Hat +1
NVD GitHub
CVSS 3.1
8.1
EPSS
0.2%
CVE-2024-55194 CRITICAL POC Act Now

OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Openimageio Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2024-55192 CRITICAL POC Act Now

OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Openimageio Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2024-50664 HIGH POC This Month

gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gpac
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-22153 PyPI HIGH PATCH This Month

RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Rated high severity (CVSS 7.9), this vulnerability is remotely exploitable. No vendor patch available.

Memory Corruption Authentication Bypass Python
NVD GitHub
CVSS 3.1
7.9
EPSS
0.1%
CVE-2024-49749 HIGH This Month

In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Android Google
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2024-49748 CRITICAL This Week

In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Android Google
NVD
CVSS 3.1
9.8
EPSS
5.6%
CVE-2024-49745 HIGH This Month

In growData of Parcel.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-49738 HIGH This Month

In writeInplace of Parcel.cpp, there is a possible out of bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-43096 HIGH This Month

In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Android Google
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-24423 HIGH POC This Month

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_esm_message_container function at. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magma
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-24422 HIGH POC This Month

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a stack overflow in the decode_protocol_configuration_options function at. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Magma
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-37032 HIGH POC This Week

A Stack-based buffer overflow in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magma
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2024-57943 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a buffer_head marked as new, its data must be zeroed,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Memory Corruption Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-24014 MEDIUM PATCH Monitor

Vim is an open source, command line text editor. Rated medium severity (CVSS 4.2). This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Vim Hci Compute Node Firmware Red Hat +1
NVD GitHub
CVSS 3.1
4.2
EPSS
0.1%
CVE-2025-21655 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period io_eventfd_do_signal() is invoked from an RCU callback, but. Rated medium severity (CVSS 4.7). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2024-57926 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err The pointer need to be set to NULL,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Mediatek Memory Corruption Linux +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21652 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlan_get_iflink(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21650 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue The TQP BAR space is divided into two segments. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21631 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() Our syzkaller report a following UAF for v6.6: BUG: KASAN:. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2018-9405 MEDIUM This Month

In BnDmAgent::onTransact of dm_agent.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2018-9389 HIGH This Week

In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Privilege Escalation Android +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57704 HIGH POC This Week

Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-57703 CRITICAL POC Act Now

Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-57582 CRITICAL POC Act Now

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-57581 CRITICAL POC Act Now

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-57580 CRITICAL POC Act Now

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2024-57579 CRITICAL This Week

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-57578 HIGH POC This Week

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac18 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-57577 MEDIUM This Month

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac18 Firmware
NVD GitHub
CVSS 3.1
5.7
EPSS
0.2%
CVE-2024-57575 CRITICAL This Week

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-57900 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ila: serialize calls to nf_register_net_hooks() syzbot found a race in ila_add_mapping() [1] commit 031ae72825ce ("ila: call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Information Disclosure Memory Corruption Linux +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57896 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at close_ctree(), we. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Information Disclosure Memory Corruption Linux +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57892 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv When mounting ocfs2 and then remounting it as read-only, a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57887 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi() The host_node pointer was assigned and freed in adv7533_parse_dt(), and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57857 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Remove direct link to net_device Do not manage a per device direct link to net_device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57801 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Skip restore TC rules for vport rep without loaded flag During driver unload, unregister_netdev is called after. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57795 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Remove the direct link to net_device The similar patch in siw is in the link:. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Information Disclosure Memory Corruption Linux +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21138 HIGH This Month

Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21136 HIGH This Month

Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21132 HIGH This Month

Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Substance 3d Stager
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21131 HIGH This Month

Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Substance 3d Stager
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21130 HIGH This Month

Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Substance 3d Stager
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-48856 CRITICAL This Week

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Qnx Software Development Platform
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-21372 HIGH PATCH This Month

Microsoft Brokering File System Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free Information Disclosure Windows 11 24h2 +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-21366 HIGH PATCH CERT-EU This Month

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free RCE 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2025-21362 HIGH PATCH CERT-EU This Month

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free RCE 365 Apps +4
NVD
CVSS 3.1
8.4
EPSS
0.6%
CVE-2025-21345 HIGH PATCH This Month

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free RCE 365 Apps +2
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2025-21335 HIGH KEV PATCH THREAT CERT-EU Act Now

Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability for local privilege escalation, the third of three Hyper-V zero-days exploited in January 2025.

Microsoft Memory Corruption Use After Free Information Disclosure Windows 10 21h2 +7
NVD
CVSS 3.1
7.8
EPSS
8.7%
CVE-2025-21334 HIGH KEV PATCH THREAT CERT-EU Act Now

Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability allowing local privilege escalation, the second of three Hyper-V zero-days in January 2025.

Microsoft Memory Corruption Use After Free Information Disclosure Windows 10 21h2 +7
NVD
CVSS 3.1
7.8
EPSS
6.6%
CVE-2025-21326 HIGH PATCH This Month

Internet Explorer Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

RCE Memory Corruption Windows Server 2022 23h2 Windows Server 2025 Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.6%
EPSS 0% CVSS 6.6
MEDIUM This Month

In V5 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zram_meta_alloc failed early, it frees allocated zram->table without setting it NULL. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free +4
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure
NVD
EPSS 0% CVSS 8.8
HIGH This Month

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +3
NVD
EPSS 1% CVSS 8.8
HIGH This Month

Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Privilege Escalation Meeting Software Development Kit +2
NVD
EPSS 0% CVSS 3.1
LOW Monitor

Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Memory Corruption Buffer Overflow Meeting Software Development Kit +6
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +3
NVD
EPSS 3% CVSS 9.3
CRITICAL This Week

Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Month

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Memory Corruption Use After Free +3
NVD
EPSS 0% CVSS 8.7
HIGH This Month

Multiple switches are affected by an out-of-bounds write vulnerability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow
NVD
EPSS 0% CVSS 7.7
HIGH This Month

In checkKeyIntent of AccountManagerService.java, there is a possible way to bypass intent security check and install an unknown app due to a confused deputy. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Privilege Escalation Android +1
NVD
EPSS 0% CVSS 8.4
HIGH This Month

In TBD of TBD, there is a possible use after free due to a race condition. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service +3
NVD
EPSS 0% CVSS 8.4
HIGH This Month

In TBD of TBD, there is a possible use after free due to a race condition. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service +3
NVD
EPSS 0% CVSS 8.4
HIGH This Month

In TBD of TBD, there is a possible use-after-free due to a logic error in the code. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Privilege Escalation +2
NVD
EPSS 0% CVSS 8.4
HIGH This Month

In TBD of TBD, there is a possible use-after-free due to a logic error in the code. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Privilege Escalation +2
NVD
EPSS 0% CVSS 8.4
HIGH This Month

In _DevmemXReservationPageAddress of devicemem_server.c, there is a possible use-after-free due to improper casting. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Privilege Escalation +2
NVD
EPSS 2% CVSS 8.8
HIGH This Week

In TdlsexRxFrameHandle of the MTK WLAN driver, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Month

NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +5
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Nvidia +4
NVD
EPSS 0% CVSS 9.8
CRITICAL This Week

Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Memory Corruption Buffer Overflow +23
NVD
EPSS 0% CVSS 9.8
CRITICAL This Week

Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Memory Corruption Buffer Overflow +23
NVD
EPSS 0% CVSS 9.8
CRITICAL This Week

Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Memory Corruption Buffer Overflow +23
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

An out-of-bounds write was addressed with improved input validation. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD
EPSS 1% CVSS 8.0
HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Apple
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Apple
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple +1
NVD VulDB
EPSS 27% CVSS 7.1
HIGH This Month

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 27.0% and no vendor patch available.

Memory Corruption Buffer Overflow Apple +3
NVD
EPSS 25% 5.8 CVSS 10.0
CRITICAL POC KEV THREAT Emergency

Apple CoreMedia contains a use-after-free vulnerability allowing malicious applications to elevate privileges, exploited in the wild against iOS versions before iOS 17.2 as part of targeted surveillance operations.

Memory Corruption Use After Free Apple +1
NVD GitHub Exploit-DB VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM This Month

The issue was addressed with improved bounds checks. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

A type confusion issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Apple
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free +1
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. Rated high severity (CVSS 8.1), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure +3
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Openimageio +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Openimageio +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Month

gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gpac
NVD GitHub
EPSS 0% CVSS 7.9
HIGH PATCH This Month

RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Rated high severity (CVSS 7.9), this vulnerability is remotely exploitable. No vendor patch available.

Memory Corruption Authentication Bypass Python
NVD GitHub
EPSS 3% CVSS 8.8
HIGH This Month

In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +2
NVD
EPSS 6% CVSS 9.8
CRITICAL This Week

In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

In growData of Parcel.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

In writeInplace of Parcel.cpp, there is a possible out of bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 8.8
HIGH This Month

In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +2
NVD
EPSS 0% CVSS 7.5
HIGH POC This Month

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_esm_message_container function at. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD
EPSS 0% CVSS 7.5
HIGH POC This Month

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a stack overflow in the decode_protocol_configuration_options function at. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

A Stack-based buffer overflow in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Magma
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a buffer_head marked as new, its data must be zeroed,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Memory Corruption Linux +3
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH Monitor

Vim is an open source, command line text editor. Rated medium severity (CVSS 4.2). This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Vim +3
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period io_eventfd_do_signal() is invoked from an RCU callback, but. Rated medium severity (CVSS 4.7). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err The pointer need to be set to NULL,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Mediatek +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlan_get_iflink(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue The TQP BAR space is divided into two segments. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() Our syzkaller report a following UAF for v6.6: BUG: KASAN:. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In BnDmAgent::onTransact of dm_agent.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +3
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL This Week

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 5.7
MEDIUM This Month

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL This Week

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ila: serialize calls to nf_register_net_hooks() syzbot found a race in ila_add_mapping() [1] commit 031ae72825ce ("ila: call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Information Disclosure +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at close_ctree(), we. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Information Disclosure +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv When mounting ocfs2 and then remounting it as read-only, a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi() The host_node pointer was assigned and freed in adv7533_parse_dt(), and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Remove direct link to net_device Do not manage a per device direct link to net_device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Skip restore TC rules for vport rep without loaded flag During driver unload, unregister_netdev is called after. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Remove the direct link to net_device The similar patch in siw is in the link:. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free Information Disclosure +5
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL This Week

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Qnx Software Development Platform
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Microsoft Brokering File System Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Month

Microsoft Access Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free +5
NVD
EPSS 1% CVSS 8.4
HIGH PATCH This Month

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free +6
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Month

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free +4
NVD
EPSS 9% CVSS 7.8
HIGH KEV PATCH THREAT Act Now

Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability for local privilege escalation, the third of three Hyper-V zero-days exploited in January 2025.

Microsoft Memory Corruption Use After Free +9
NVD
EPSS 7% CVSS 7.8
HIGH KEV PATCH THREAT Act Now

Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability allowing local privilege escalation, the second of three Hyper-V zero-days in January 2025.

Microsoft Memory Corruption Use After Free +9
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Month

Internet Explorer Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

RCE Memory Corruption Windows Server 2022 23h2 +2
NVD
Prev Page 40 of 170 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy