Total
6312 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9157 | 1 Appneta | 1 Tcpreplay | 2025-08-21 | 5.3 Medium |
| A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue. | ||||
| CVE-2025-21436 | 1 Qualcomm | 50 Fastconnect 7800, Fastconnect 7800 Firmware, Qmp1000 and 47 more | 2025-08-20 | 7.8 High |
| Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads. | ||||
| CVE-2025-21437 | 1 Qualcomm | 62 Qam8255p, Qam8255p Firmware, Qam8295p and 59 more | 2025-08-20 | 7.8 High |
| Memory corruption while processing memory map or unmap IOCTL operations simultaneously. | ||||
| CVE-2025-27031 | 1 Qualcomm | 43 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 40 more | 2025-08-20 | 7.8 High |
| memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed. | ||||
| CVE-2025-21456 | 1 Qualcomm | 129 Ar8035, Ar8035 Firmware, C-v2x 9150 and 126 more | 2025-08-20 | 7.8 High |
| Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently. | ||||
| CVE-2024-27246 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Workplace and 2 more | 2025-08-20 | 4.3 Medium |
| Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2025-1432 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-08-19 | 7.8 High |
| A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-49761 | 1 Microsoft | 21 Server, Windows, Windows 10 1507 and 18 more | 2025-08-19 | 7.8 High |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21915 | 1 Linux | 1 Linux Kernel | 2025-08-19 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: cdx: Fix possible UAF error in driver_override_show() Fixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c This function driver_override_show() is part of DEVICE_ATTR_RW, which includes both driver_override_show() and driver_override_store(). These functions can be executed concurrently in sysfs. The driver_override_store() function uses driver_set_override() to update the driver_override value, and driver_set_override() internally locks the device (device_lock(dev)). If driver_override_show() reads cdx_dev->driver_override without locking, it could potentially access a freed pointer if driver_override_store() frees the string concurrently. This could lead to printing a kernel address, which is a security risk since DEVICE_ATTR can be read by all users. Additionally, a similar pattern is used in drivers/amba/bus.c, as well as many other bus drivers, where device_lock() is taken in the show function, and it has been working without issues. This potential bug was detected by our experimental static analysis tool, which analyzes locking APIs and paired functions to identify data races and atomicity violations. | ||||
| CVE-2025-53133 | 1 Microsoft | 6 Server, Windows, Windows 11 and 3 more | 2025-08-19 | 7.8 High |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53132 | 1 Microsoft | 19 Windows, Windows 10 1507, Windows 10 1607 and 16 more | 2025-08-19 | 8 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-50177 | 1 Microsoft | 21 Windows, Windows 10, Windows 10 1507 and 18 more | 2025-08-19 | 8.1 High |
| Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-6636 | 1 Autodesk | 17 3ds Max, Advance Steel, Autocad and 14 more | 2025-08-19 | 7.8 High |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-5036 | 1 Autodesk | 1 Revit | 2025-08-19 | 7.8 High |
| A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-53137 | 1 Microsoft | 19 Windows, Windows 10 1507, Windows 10 1607 and 16 more | 2025-08-19 | 7 High |
| Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21458 | 1 Qualcomm | 49 Fastconnect 6900, Fastconnect 6900 Firmware, Qam8255p and 46 more | 2025-08-19 | 7.8 High |
| Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously. | ||||
| CVE-2025-21474 | 1 Qualcomm | 91 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 88 more | 2025-08-19 | 7.8 High |
| Memory corruption while processing commands from A2dp sink command queue. | ||||
| CVE-2025-26603 | 2 Netapp, Vim | 2 Hci Compute Node, Vim | 2025-08-18 | 4.2 Medium |
| Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2025-49733 | 1 Microsoft | 13 Windows, Windows 10, Windows 10 1809 and 10 more | 2025-08-18 | 7.8 High |
| Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49725 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-08-18 | 7.8 High |
| Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. | ||||