Critical
CVSS: 9.8
ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not r…
High
CVSS: 7.8
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploi…
High
CVSS: 8.8
Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
High
CVSS: 7.7
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves `gdi->drawing` pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigg…
High
CVSS: 7.7
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointer_New` frees `cursorPixels` on failure, then `pointer_free` calls `xf_Pointer_Free` and frees it again, triggering ASan UAF. A malicious ser…
High
CVSS: 7.1
A Use After Free vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker authenticated with low privileges to cause a Denial-of-Service (DoS).
When telemetry collecto…
High
CVSS: 7.5
A Use After Free vulnerability was identified in the 802.1X authentication daemon (dot1xd) of Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd pr…
High
CVSS: 8.4
CWE-416: Use After Free vulnerability that could cause remote code execution when the end user imports the malicious project file (SSD file) into Rapsody.
Medium
CVSS: 6.8
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irp_thread_func because the IRP is freed by irp->Complete() and then accessed again on the error path. This vulnerability is f…
Critical
CVSS: 9.8
FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE().
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
mm/slub: reset KASAN tag in defer_free() before accessing freed memory
When CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free()
before defer_free(). On AR…
High
CVSS: 7.8
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a…
High
CVSS: 7.0
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
High
CVSS: 8.4
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
High
CVSS: 8.4
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
High
CVSS: 7.8
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
High
CVSS: 7.8
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
High
CVSS: 7.8
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
High
CVSS: 7.8
Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.
High
CVSS: 7.8
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.