Total
7294 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-5702 | 2 Mozilla, Redhat | 7 Firefox, Thunderbird, Enterprise Linux and 4 more | 2025-04-04 | 7.5 High |
| Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12. | ||||
| CVE-2021-33641 | 1 Openeuler | 1 Byacc | 2025-04-03 | 7.8 High |
| When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free). | ||||
| CVE-2023-0358 | 1 Gpac | 1 Gpac | 2025-04-03 | 7.8 High |
| Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. | ||||
| CVE-2022-45748 | 1 Assimp | 1 Assimp | 2025-04-03 | 8.8 High |
| An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp. | ||||
| CVE-2024-27205 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27213 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| In BroadcastSystemMessage of servicemgr.cpp, there is a possible Remote Code Execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-25985 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| In bigo_unlocked_ioctl of bigo.c, there is a possible UAF due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-25385 | 1 Flvmeta | 1 Flvmeta | 2025-04-03 | 6.2 Medium |
| An issue in flvmeta v.1.2.2 allows a local attacker to cause a denial of service via the flvmeta/src/flv.c:375:21 function in flv_close. | ||||
| CVE-2024-25199 | 2 Opennav, Openrobotics | 2 Nav2, Robot Operating System | 2025-04-02 | 8.1 High |
| Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free. | ||||
| CVE-2024-25198 | 2 Opennav, Openrobotics | 2 Nav2, Robot Operating System | 2025-04-02 | 9.1 Critical |
| Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free. | ||||
| CVE-2023-0414 | 1 Wireshark | 1 Wireshark | 2025-04-02 | 6.3 Medium |
| Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2023-20928 | 1 Google | 1 Android | 2025-04-02 | 7.8 High |
| In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254837884References: Upstream kernel | ||||
| CVE-2023-20925 | 1 Google | 1 Android | 2025-04-02 | 7.8 High |
| In setUclampMinLocked of PowerSessionManager.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-236674672References: N/A | ||||
| CVE-2023-20920 | 1 Google | 1 Android | 2025-04-02 | 7.8 High |
| In queue of UsbRequest.java, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-204584366 | ||||
| CVE-2025-2476 | 1 Google | 1 Chrome | 2025-04-01 | 8.8 High |
| Use after free in Lens in Google Chrome prior to 134.0.6998.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2024-4771 | 1 Mozilla | 1 Firefox | 2025-04-01 | 8.6 High |
| A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126. | ||||
| CVE-2024-4770 | 2 Mozilla, Redhat | 7 Firefox, Thunderbird, Enterprise Linux and 4 more | 2025-04-01 | 8.8 High |
| When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | ||||
| CVE-2024-4764 | 1 Mozilla | 1 Firefox | 2025-04-01 | 9.8 Critical |
| Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox < 126. | ||||
| CVE-2024-27284 | 1 Cassandra-rs Project | 1 Cassandra-rs | 2025-04-01 | 7.5 High |
| cassandra-rs is a Cassandra (CQL) driver for Rust. Code that attempts to use an item (e.g., a row) returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. The problem has been fixed in version 3.0.0. | ||||
| CVE-2023-0469 | 1 Linux | 1 Linux Kernel | 2025-04-01 | 5.5 Medium |
| A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service. | ||||