Lucene search
K

103881 matches found

BDU FSTEC
BDU FSTEC
added yesterday13 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00425EPSS
Exploits0References2
CVE
CVE
added yesterday4 views

CVE-2025-59617

CVE-2025-59617 describes a memory corruption issue (Use After Free) in Computer Vision when multiple IOCTL calls reuse the same buffer file descriptor input. The CVSS metrics indicate a local attacker with high attack complexity and low privileges, requiring user interaction, with impact to integ...

6.6CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added yesterday5 views

CVE-2025-59617 Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

6.6CVSS
Exploits0References1
CVE
CVE
added yesterday3 views

CVE-2025-59616

CVE-2025-59616 : Memory corruption (use-after-free) when processing multiple IOCTL calls using the same buffer file descriptor input, due to accessing memory that has already been freed. Affects the described Computer Vision context; underlying issue is use-after-free in the handling of repeated ...

6.6CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added yesterday5 views

CVE-2025-59616 Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

6.6CVSS
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2025-59615

CVE-2025-59615 describes a Use-After-Free memory corruption in computer vision code triggered by device IOCTL operations for mapping/unmapping persistent memory buffers, caused by improper synchronization. The issue is rated CVSS v3.1 base score 6.6 (Medium): LOCAL attack, HIGH exploit complexity...

6.6CVSS6AI score
Exploits0References1
OSV
OSV
added yesterday6 views

BIT-PYTHON-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure

Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the decompression instance is re-used. This scenario can be triggered if the process is under memory pressure. The fix cleans up the dangling...

9.1CVSS5.7AI score0.00579EPSS
Exploits0References54
OSV
OSV
added yesterday2 views

BIT-LIBPYTHON-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure

Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the decompression instance is re-used. This scenario can be triggered if the process is under memory pressure. The fix cleans up the dangling...

9.1CVSS5.7AI score0.00579EPSS
Exploits0References54
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-14760

A flaw was found in radareorg radare2. This vulnerability, a use-after-free, affects the regprofile Handler component. A local attacker can exploit this flaw by performing a specific manipulation, which could lead to a denial of service, making the application unavailable. Mitigation To mitigate...

4.8CVSS5.9AI score0.00115EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added yesterday4 views

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

8.8CVSS6.7AI score0.02719EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added yesterday3 views

kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation

A flaw was found in the Linux kernel. A use-after-free vulnerability exists in the traffic control actct path when it is incorrectly configured with non-ingress egress qdiscs queueing disciplines. This can allow a local user with specific privileges to trigger a kernel crash, leading to a denial ...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday3 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8CVSS6.2AI score0.004EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday3 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

7.8CVSS6.2AI score0.00103EPSS
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-14788

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function rcorebinload of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and...

4.8CVSS0.00115EPSS
Exploits0References7
Cvelist
Cvelist
added yesterday11 views

CVE-2026-14788 radareorg radare2 cfile.c r_core_bin_load use after free

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function rcorebinload of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and...

4.8CVSS0.00115EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added yesterday6 views

CVE-2026-14788

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function rcorebinload of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References7Affected Software1
CVE
CVE
added yesterday9 views

CVE-2026-14788

radare2 (radareorg) up to 6.1.6 contains a use-after-free condition in r_core_bin_load (file libr/core/cfile.c). The issue is exploitable locally and has public exploit information. A patch is available (commit/patch identifier 635ab1eeb30340c26076722a90cb91fb2272130b); applying it is advised to ...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References7
EUVD
EUVD
added yesterday7 views

EUVD-2026-41799

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function rcorebinload of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References7
NVD
NVD
added 2 days ago6 views

CVE-2026-14760

A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function rcoreseekarchbits of the file libr/core/disasm.c of the component regprofile Handler. Executing a manipulation can lead to use after free. The attack requires local access. The exploit has been made availabl...

4.8CVSS0.00115EPSS
Exploits0References7
Cvelist
Cvelist
added 2 days ago36 views

CVE-2026-14760 radareorg radare2 regprofile disasm.c r_core_seek_arch_bits use after free

A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function rcoreseekarchbits of the file libr/core/disasm.c of the component regprofile Handler. Executing a manipulation can lead to use after free. The attack requires local access. The exploit has been made availabl...

4.8CVSS0.00115EPSS
Exploits0References7
Rows per page
Query Builder