Search Results (9048 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1689 4 Apple, Debian, Mit and 1 more 5 Mac Os X, Mac Os X Server, Debian Linux and 2 more 2026-04-16 9.8 Critical
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
CVE-2002-0059 2 Redhat, Zlib 3 Linux, Powertools, Zlib 2026-04-16 9.8 Critical
The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.
CVE-2003-1048 1 Microsoft 8 Internet Explorer, Outlook, Windows 98 and 5 more 2026-04-16 7.8 High
Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
CVE-2026-0885 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 6.5 Medium
Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-23013 1 Linux 1 Linux Kernel 2026-04-15 7 High
In the Linux kernel, the following vulnerability has been resolved: net: octeon_ep_vf: fix free_irq dev_id mismatch in IRQ rollback octep_vf_request_irqs() requests MSI-X queue IRQs with dev_id set to ioq_vector. If request_irq() fails part-way, the rollback loop calls free_irq() with dev_id set to 'oct', which does not match the original dev_id and may leave the irqaction registered. This can keep IRQ handlers alive while ioq_vector is later freed during unwind/teardown, leading to a use-after-free or crash when an interrupt fires. Fix the error path to free IRQs with the same ioq_vector dev_id used during request_irq().
CVE-2020-27153 4 Bluez, Debian, Opensuse and 1 more 4 Bluez, Debian Linux, Leap and 1 more 2026-04-15 8.6 High
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.
CVE-2026-23207 1 Linux 1 Linux Kernel 2026-04-15 4.7 Medium
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer check in IRQ handler Now that all other accesses to curr_xfer are done under the lock, protect the curr_xfer NULL check in tegra_qspi_isr_thread() with the spinlock. Without this protection, the following race can occur: CPU0 (ISR thread) CPU1 (timeout path) ---------------- ------------------- if (!tqspi->curr_xfer) // sees non-NULL spin_lock() tqspi->curr_xfer = NULL spin_unlock() handle_*_xfer() spin_lock() t = tqspi->curr_xfer // NULL! ... t->len ... // NULL dereference! With this patch, all curr_xfer accesses are now properly synchronized. Although all accesses to curr_xfer are done under the lock, in tegra_qspi_isr_thread() it checks for NULL, releases the lock and reacquires it later in handle_cpu_based_xfer()/handle_dma_based_xfer(). There is a potential for an update in between, which could cause a NULL pointer dereference. To handle this, add a NULL check inside the handlers after acquiring the lock. This ensures that if the timeout path has already cleared curr_xfer, the handler will safely return without dereferencing the NULL pointer.
CVE-2026-2772 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 8.8 High
Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-34854 1 Huawei 2 Emui, Harmonyos 2026-04-15 5.7 Medium
UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2026-34859 1 Huawei 2 Emui, Harmonyos 2026-04-15 5.9 Medium
UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2026-21235 1 Microsoft 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more 2026-04-15 7.3 High
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2026-27292 2 Adobe, Microsoft 2 Framemaker, Windows 2026-04-15 7.8 High
Adobe Framemaker versions 2022.8 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-0882 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 8.8 High
Use-after-free in the IPC component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0884 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 9.8 Critical
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-2767 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 8.8 High
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-24869 1 Mozilla 1 Firefox 2026-04-15 8.8 High
Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability was fixed in Firefox 147.0.2.
CVE-2026-21242 1 Microsoft 19 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 16 more 2026-04-15 7 High
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
CVE-2026-21253 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-04-15 7 High
Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally.
CVE-2026-21251 1 Microsoft 10 Windows Server 2016, Windows Server 2016 (server Core Installation), Windows Server 2019 and 7 more 2026-04-15 7.8 High
Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.
CVE-2026-21241 1 Microsoft 15 Windows 11 22h3, Windows 11 23h2, Windows 11 23h2 and 12 more 2026-04-15 7 High
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.