Lucene search
K

715 matches found

NVD
NVD
added 2026/07/06 9:16 p.m.10 views

CVE-2025-59616

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

7.8CVSS0.00064EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 8:9 p.m.6 views

EUVD-2025-210437

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

6.6CVSS6.1AI score0.00064EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.6 views

CVE-2025-59616

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

6.6CVSS6.1AI score0.00064EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.14 views

PT-2026-55986

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when processing multiple IOCTL Input/Output Control calls that use the same buffer file descriptor input. This issue is caused by a...

7.8CVSS6.1AI score0.00064EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/27 3:5 a.m.10 views

CVE-2026-53228

A flaw was found in the Linux kernel's Simple Internet Transition SIT tunnel driver for IPv6. When processing network traffic with Generic Segmentation Offload GSO enabled, the driver may use a stale pointer to the inner IPv6 header after the socket buffer skb head has been reallocated. This can...

9.8CVSS5.8AI score0.00559EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 8:4 a.m.6 views

CVE-2026-53189

A flaw was found in the Linux kernel's memory management, specifically within the huge page mechanism. When a huge page is split, the system updates a counter after releasing a reference to the memory. This timing issue can lead to the system attempting to read from memory that has already been...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 8:1 p.m.22 views

CVE-2026-7531 Use-after-free in PQC hybrid key-share handling

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

2.3CVSS0.00346EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/25 5:1 p.m.6 views

CVE-2026-57236

A flaw was found in Nokogiri, an XML and HTML library for Ruby. When an attacker provides an invalid encoding to the Documentencoding= function, the library frees the document's current encoding string without replacing it. This leaves the document referencing freed memory, which can lead to a...

8.2CVSS5.7AI score0.00331EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each act as aliases for a heap-allocated buffer between pngstruct and pnginfo. This buffer shares a...

7.5CVSS6.7AI score0.01052EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/23 8:6 p.m.9 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
Redos
Redos
added 2026/06/23 12:0 a.m.6 views

ROS-20260623-73-0042

The vulnerability of the bytes.decode function in the CPython interpreter relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

9.1CVSS6.2AI score0.00579EPSS
Exploits0
Snyk
Snyk
added 2026/06/19 7:34 p.m.4 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the optsymbolkeysset. An attacker can cause the application to read from freed memory by toggling the symbolkeys option from true to false on a reused parser instance and then invoking the parse method. Remediation...

8.7CVSS5.9AI score0.00428EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 5:6 p.m.2 views

CVE-2026-48984 pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree memory release helper in calls free without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including one-time pad bytes read fr...

4.7CVSS6.1AI score0.00109EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.37 views

PT-2026-50769

Name of the Vulnerable Software and Affected Versions pam usb versions 0.9.1 and earlier Description The xfree memory release helper calls free without zeroing buffer contents first. This results in heap-allocated buffers containing sensitive data, such as one-time pad bytes read from disk, being...

4.7CVSS6AI score0.00109EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2026/06/15 12:0 a.m.3 views

The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges

The vulnerability of Windows operating system kernels is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.8AI score0.00267EPSS
Exploits0References2Affected Software16
EUVD
EUVD
added 2026/06/13 12:34 a.m.12 views

EUVD-2026-36630

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

5.3AI score0.00118EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 9:57 p.m.23 views

CVE-2026-41158

Summary of CVE-2026-41158: The vulnerability concerns GPU DDK where backed sparse PMRs are not handled by the deferred free mechanism after shrink, allowing a non-privileged user to perform GPU system calls that write to arbitrarily freed physical pages. The root cause is that physical memory all...

7.8CVSS5.3AI score0.00118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-49023

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Software installed and run as a non-privileged user may perform GPU system calls to write to arbitrary freed physical pages. This occurs because physical memory...

5.2AI score0.00118EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/08 4:28 p.m.15 views

CVE-2026-46274

A flaw was found in the Linux kernel's input/output work queue io-wq component. This vulnerability occurs because the system incorrectly handles work queue entries, leading to a stale pointer. A local attacker could exploit this issue by manipulating work queue operations. Successful exploitation...

7.8CVSS5.4AI score0.00138EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:3 a.m.9 views

CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

5.9AI score0.0031EPSS
Exploits0References3
Rows per page
Query Builder