Search Results (8325 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-45603 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-45635 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 8.1 High
Access of resource using incompatible type ('type confusion') in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
CVE-2026-45601 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-48563 1 Microsoft 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more 2026-07-08 7.5 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-47654 1 Microsoft 7 Windows Server 2016, Windows Server 2016 (server Core Installation), Windows Server 2019 and 4 more 2026-07-08 7.5 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-47653 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 8.8 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-45461 1 Microsoft 9 365 Apps, Office, Office 2016 and 6 more 2026-07-08 8.4 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45458 1 Microsoft 13 365 Apps, Microsoft 365, Office 2019 and 10 more 2026-07-08 8.4 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-44823 1 Microsoft 9 365 Apps, Excel 2016, Office 2019 and 6 more 2026-07-08 7.8 High
Numeric truncation error in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-45486 1 Microsoft 7 365 Apps, Microsoft 365, Office 2021 and 4 more 2026-07-08 7.8 High
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45474 1 Microsoft 10 365 Apps, Office, Office 2016 and 7 more 2026-07-08 8.4 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45472 1 Microsoft 11 365 Apps, Microsoft 365 Apps For Enterprise, Office and 8 more 2026-07-08 8.4 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-48090 1 Envoyproxy 1 Envoy 2026-07-08 5.9 Medium
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter (envoy.filters.http.oauth2) can leave an in-flight async token exchange attached to a downstream stream that has already been torn down. A late AsyncClient completion can still invoke OAuth2Filter methods that use StreamDecoderFilterCallbacks after that object’s lifetime has ended, causing undefined behavior, worker crashes (availability loss), and use-after-free / invalid-vptr failures under AddressSanitizer. This is a memory-safety / lifetime issue in the data plane, not a trivial config bug. Remote code execution is not claimed here; the primary demonstrated impact is DoS via crash and UB; any further impact would be deployment- and allocator-dependent. This vulnerability is fixed in 1.37.5 and 1.38.3.
CVE-2026-42958 1 Labcenter 1 Proteus 2026-07-08 7.8 High
The application contains a use-after-free vulnerability that can be exploited to cause memory corruption while parsing specially crafted files. This could allow an attacker to execute arbitrary code in the context of the current process.
CVE-2026-60002 1 Openbsd 1 Openssh 2026-07-08 7.7 High
ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)
CVE-2025-59615 1 Qualcomm 1 Snapdragon 2026-07-08 6.6 Medium
Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization.
CVE-2025-59616 1 Qualcomm 1 Snapdragon 2026-07-08 6.6 Medium
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory.
CVE-2022-30065 2 Busybox, Siemens 13 Busybox, Scalance Sc622-2c, Scalance Sc622-2c Firmware and 10 more 2026-07-07 7.8 High
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
CVE-2025-59617 1 Qualcomm 1 Snapdragon 2026-07-07 6.6 Medium
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
CVE-2026-54902 1 Ohler 1 Oj 2026-07-06 N/A
Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, is vulnerable to Use-After-Free when in SAJ mode. The Oj::Parser does not protect cached object keys (≥ 35 bytes) from garbage collection, and a Ruby callback that triggers GC inside hash_end can cause the key string to be reclaimed while the C parser still holds a pointer to it. The subsequent access to the freed string VALUE results in a segfault, confirmed by an RIP pointing to address 0x4242 (a canary-style pattern suggesting control over the freed memory's content). This issue has been fixed in version 3.17.2.