Lucene search
+L

105478 matches found

RedHat Linux
RedHat Linux
added 9 hours ago7 views

kernel: rtmutex: Use waiter::task instead of current in remove_waiter()

A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...

7.8CVSS6.7AI score0.00125EPSS
Exploits24References6
RedHat Linux
RedHat Linux
added 9 hours ago7 views

kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete

A flaw was found in the Linux kernel's xfrm IPSec framework subsystem. This vulnerability, a use-after-free, occurs when the system incorrectly manages memory related to security policies, specifically during the deletion of xfrmstate lists. An attacker with local access could exploit this flaw b...

7.8CVSS6.3AI score0.0013EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 10 hours ago18 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00456EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 13 hours ago4 views

kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected role

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM x86 shadow paging mechanism. This vulnerability occurs when a host page directory entry PDE mapping is changed from within the guest, leading to an unexpected role mismatch in shadow paging. This mismatch can cause a...

7.6AI score0.00176EPSS
Exploits5References6
RedHat Linux
RedHat Linux
added 13 hours ago3 views

kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 shadow paging mechanism. This use-after-free vulnerability arises from incorrect handling of Guest Frame Numbers GFNs when guest page tables are modified. A local attacker with control over a guest virtual machine could...

8.8CVSS6.2AI score0.00126EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 18 hours ago3 views

CVE-2026-57076

A flaw was found in YAML::Syck. An attacker could exploit a heap use-after-free vulnerability by providing a specially crafted YAML document that reuses an anchor name as an anchors-table key. This flaw causes the software to read freed heap memory, which may lead to information disclosure or...

7.8CVSS6AI score
Exploits0References5
OSV
OSV
added yesterday2 views

DEBIAN-CVE-2026-57076

YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syckhdlraddanchor. In the bundled libsyck an anchor name allocated by syckstrndup is stored both as node-anchor, freed when the node is freed, and as the key in the parser's...

7.8CVSS5.4AI score
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-57076

YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syckhdlraddanchor. In the bundled libsyck an anchor name allocated by syckstrndup is stored both as node-anchor, freed when the node is freed, and as the key in the parser's...

7.8CVSS
Exploits0References3
OSV
OSV
added yesterday2 views

DEBIAN-CVE-2026-13713

YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syckhdlraddanchor and syckhdlrremoveanchor free the node stored under that name with...

6.2CVSS5.4AI score
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-13713

YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syckhdlraddanchor and syckhdlrremoveanchor free the node stored under that name with...

6.2CVSS
Exploits0References3
RedHat Linux
RedHat Linux
added yesterday7 views

kernel: rtmutex: Use waiter::task instead of current in remove_waiter()

A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...

7.8CVSS6.8AI score0.00125EPSS
Exploits24References6
RedHat Linux
RedHat Linux
added yesterday4 views

kernel: rtmutex: Use waiter::task instead of current in remove_waiter()

A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...

7.8CVSS6.8AI score0.00125EPSS
Exploits24References6
CVE
CVE
added yesterday8 views

CVE-2026-13713

CVE-2026-13713 affects YAML::Syck versions before 1.47 (Perl). A use-after-free and double-free occurs when an anchor is redefined while still on the parser value stack, due to how syck_hdlr_add_anchor and syck_hdlr_remove_anchor free the node. The freed node may still be live on the value stack,...

6.2CVSS6.1AI score
Exploits0References3
Cvelist
Cvelist
added yesterday33 views

CVE-2026-13713 YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack

YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syckhdlraddanchor and syckhdlrremoveanchor free the node stored under that name with...

Exploits0References2
OSV
OSV
added yesterday4 views

GHSA-GGXF-9F6J-W742 Diesel has possible use after free when deserializing a SQLite database via `SqliteConnection::deserialize_readonly_database`

Diesel allows loading a SQLite database from a byte buffer, represented as &u8, at runtime via the SqliteConnection::deserializereadonlydatabase function. In previous versions of Diesel, this buffer was passed directly to libsqlite3. Since libsqlite3 requires the buffer to remain alive for as lon...

6.9CVSS6.2AI score
Exploits0References3
RedhatCVE
RedhatCVE
added yesterday6 views

CVE-2026-43731

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory management, leading to memory corruption...

8.8CVSS6AI score0.00201EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added yesterday6 views

CVE-2026-43740

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory handling, leading to disclosure of process memory...

6.5CVSS6AI score0.00203EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-43742

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory management, resulting in an unexpected process crash...

6.5CVSS6AI score0.0025EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-43734

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory management, resulting in an unexpected process crash...

6.5CVSS6AI score0.0024EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added yesterday6 views

CVE-2026-43727

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory management, resulting in an unexpected process crash...

6.5CVSS6AI score0.00196EPSS
Exploits0References5
Rows per page
Query Builder