Search Results (9031 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-0193 2 Linux, Redhat 26 Linux Kernel, Codeready Linux Builder, Codeready Linux Builder For Eus and 23 more 2026-06-05 7.8 High
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.
CVE-2025-66585 1 Azeotech 1 Daqfactory 2026-06-04 7.8 High
In AzeoTech DAQFactory release 20.7 (Build 2555), a use after free vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process.
CVE-2026-50219 1 Libexpat Project 1 Libexpat 2026-06-04 4.9 Medium
libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation. Thus, a use-after-free can occur,
CVE-2026-10703 1 Eipstackgroup 1 Opener 2026-06-03 6.3 Medium
A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVE-2026-10000 2 Google, Microsoft 2 Chrome, Windows 2026-06-03 8.3 High
Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9881 2 Apple, Google 2 Macos, Chrome 2026-06-03 9 Critical
Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: Critical)
CVE-2026-9886 2 Apple, Google 2 Macos, Chrome 2026-06-03 9.6 Critical
Use after free in Base in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-9890 2 Google, Microsoft 2 Chrome, Windows 2026-06-03 8.3 High
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-9893 1 Google 1 Chrome 2026-06-03 8.3 High
Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-9894 1 Google 1 Chrome 2026-06-03 8.3 High
Use after free in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9899 1 Google 1 Chrome 2026-06-03 8.3 High
Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9902 1 Google 1 Chrome 2026-06-03 8.3 High
Use after free in Accessibility in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9904 1 Google 1 Chrome 2026-06-03 8.3 High
Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-40361 1 Microsoft 10 365 Apps, Office, Office 2019 and 7 more 2026-06-03 8.4 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2019-18269 1 Omron 2 Plc Cj Firmware, Plc Cs Firmware 2026-06-02 8.6 High
Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability.
CVE-2019-10996 1 Redlion 1 Crimson 2026-06-02 7.8 High
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that can reference memory after it has been freed.
CVE-2022-24946 1 Mitsubishielectric 64 L02cpu, L02cpu-p, L02cpu-p Firmware and 61 more 2026-06-02 7.5 High
Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V firmware versions "16" and prior, Mitsubishi Electric MELSEC-Q Series Q03UDECPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q12DCCPU-V all versions, Mitsubishi Electric MELSEC-Q Series Q24DHCCPU-V(G) all versions, Mitsubishi Electric MELSEC-Q Series Q24/26DHCCPU-LS all versions, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number "24051" and prior and Mitsubishi Electric MELIPC Series MI5122-VW firmware versions "05" and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery.
CVE-2026-47310 2 Samsung, Samsung Open Source 2 Escargot, Escargot 2026-06-02 7.8 High
Use after free vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.
CVE-2026-10232 1 Assimp 1 Assimp 2026-06-02 5.3 Medium
A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::~aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. The project tagged the reported issue as bug.
CVE-2022-31614 1 Nvidia 1 Virtual Gpu 2026-06-02 7 High
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure.