20 matches found
Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...
CVE-2025-10865
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present...
CVE-2025-10865
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present...
CVE-2025-10865
CVE-2025-10865 affects the Imagination Graphics DDK (GPU driver) where DevmemIntGetReservationData does not properly ref the PMR, leading to improper reference counting and a potential use-after-free vulnerability. The issue is described as arising when unprivileged users run GPU system calls, wi...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of reference counting during netpoll cleanup, which could lead to a memory leak...
CVE-2021-30264
Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure a...
kernel: vmxnet3: disable rx data ring on dma allocation failure
A vulnerability was found in the Linux kernel's vmxnet3 driver in the vmxnet3rqcreate function, where this issue occurs when memory allocation fails for the RX data ring, leading to an improper reference size that may cause the hypervisor to access invalid memory during packet reception, which ca...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper reference to vma in the hugetlb error path...
The vulnerability of the PLUGScheduler component in Windows operating systems allows a hacker to increase their privileges.
The vulnerability of the PLUGScheduler component in Windows operating systems is related to an incorrect definition of the reference before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges...
SUSE CVE-2016-0975
Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260...
kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c
A use-after-free flaw was found in u32change in net/sched/clsu32.c in the network subcomponent of the Linux kernel. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information...
CVE-2022-38999
The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability...
PT-2022-14353 · Ion · Ion
Name of the Vulnerable Software and Affected Versions: ion affected versions not specified Description: The issue is related to a possible use after free due to improper update of reference count in ion. This could lead to local escalation of privilege with no additional execution privileges...
CVE-2022-22195
An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service DoS. This issue affects Juniper Networks Junos OS Evolved: All versions...
The vulnerability of the mysql_install_db function in the MariaDB database management system arises from an improper definition of the reference before accessing the file, allowing attackers to escalate their privileges.
The vulnerability of the mysqlinstalldb function in the MariaDB database management system is related to an incorrect definition of the reference before accessing the file. Exploiting this vulnerability can allow attackers to enhance their privileges...
nss: Use-after-free in sftk_FreeSession due to improper refcounting
A use-after-free flaw was found in Mozilla Network Security Services NSS related to PK11 session handling. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled with NSS...
CVE-2016-0975
Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260...
CVE-2016-0975
Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260...
CVE-2016-0975
Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260...
w3wp remote DoS due to improper reference of STA COM components in ASP.NET
Often developers forget to use the “AspCompat” directive which is required while referencing COM components in ASP.NET. Missing AspCompat directive causes general instability and poor performance of the web application, just a simple increase of load on a web server may cause it to crash. After...