Lucene search
K

104578 matches found

BDU FSTEC
BDU FSTEC
added 9 hours ago16 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00425EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 11 hours ago6 views

kernel: md/bitmap: fix GPF in write_page caused by resize race

A flaw was found in the Linux kernel's md/bitmap component. This vulnerability involves a use-after-free race condition that occurs during array resize operations. When the bitmapdaemonwork and bitmapresize functions execute concurrently, they can access memory pages that have already been freed...

4.7CVSS6.1AI score0.00091EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 11 hours ago5 views

kernel: rtmutex: Use waiter::task instead of current in remove_waiter()

A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...

7.8CVSS6.8AI score0.00125EPSS
Exploits11References6
RedHat Linux
RedHat Linux
added 12 hours ago3 views

firefox: thunderbird: Use-after-free in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Networking: HTTP component...

8.8CVSS6AI score0.00382EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 12 hours ago3 views

firefox: thunderbird: Use-after-free in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Networking: HTTP component...

8.8CVSS6AI score0.00382EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 16 hours ago9 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9CVSS6.1AI score0.00212EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 16 hours ago6 views

X.org: xorg-x11-server: GLX contextTags Use-After-Free in CommonMakeCurrent()

A flaw was found in the X.org X11 server, specifically within the GLX OpenGL Extension to the X Window System dispatch layer. A remote attacker can exploit this vulnerability by sending a series of crafted X11 requests. This can lead to a use-after-free condition, where the server attempts to wri...

9CVSS6AI score0.00192EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 17 hours ago5 views

firefox: thunderbird: Use-after-free in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Networking: HTTP component...

8.8CVSS6AI score0.00382EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 17 hours ago5 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

7.8CVSS6.8AI score0.00165EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 17 hours ago2 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS6.9AI score0.00154EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 17 hours ago4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS6.8AI score0.0014EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 17 hours ago2 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 17 hours ago3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow()

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...

5.5CVSS6.1AI score0.00141EPSS
Exploits0References7
Rockylinux
Rockylinux
added 20 hours ago4 views

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

8.8CVSS6.6AI score0.00176EPSS
Exploits3
NVD
NVD
added yesterday8 views

CVE-2026-10663

In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...

6.1CVSS
Exploits0References2
CVE
CVE
added yesterday14 views

CVE-2026-10667

Zephyr CVE-2026-10667 affects SMP builds with CONFIG_USERSPACE and dynamic objects (CONFIG_DYNAMIC_OBJECTS). The bug is a use-after-free in the dynamic kernel-object tracker: k_object_wordlist_foreach() iterates obj_list under lists_lock while removals and frees occur under objfree_lock/obj_lock,...

7.8CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added yesterday23 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS
Exploits0References2
Cvelist
Cvelist
added yesterday24 views

CVE-2026-10663 Use-after-free / double-free of the root USB device in the experimental USB host stack

In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...

6.1CVSS
Exploits0References2
CVE
CVE
added yesterday14 views

CVE-2026-10663

The vulnerability CVE-2026-10663 affects Zephyr’s experimental USB host stack (CONFIG_USB_HOST_STACK). freed root usb_device slab in usbh_device_disconnect() leaves ctx->root dangling; bus removal handler dev_removed_handler() uses ctx->root to decide teardown. Synthesis of DEV_REMOVED even...

6.1CVSS6.1AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-61861

A flaw was found in ImageMagick. This use-after-free vulnerability exists in the FormatMagickCaption method. When memory allocation fails, an attacker can trigger a dangling pointer to reference freed memory. This could potentially lead to a denial of service or arbitrary code execution...

6.3CVSS6.2AI score0.00277EPSS
Exploits0References5
Rows per page
Query Builder