Search Results (8176 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-41095 1 Microsoft 14 Windows Server 2012, Windows Server 2012 R2, Windows Server 2012 R2 and 11 more 2026-05-15 7.8 High
Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally.
CVE-2026-40382 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-15 7.8 High
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-40402 1 Microsoft 4 Windows 11 22h3, Windows 11 23h2, Windows 11 23h2 and 1 more 2026-05-15 9.3 Critical
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.
CVE-2026-40406 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-15 7.5 High
Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.
CVE-2026-43370 1 Linux 1 Linux Kernel 2026-05-15 7.8 High
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm->process_info assignment with cmpxchg() to prevent race when parent/child processes sharing a drm_file both try to acquire the same VM after fork(). (cherry picked from commit c7c573275ec20db05be769288a3e3bb2250ec618)
CVE-2026-43374 1 Linux 1 Linux Kernel 2026-05-15 7.8 High
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in remove_nh_grp_entry When removing a nexthop from a group, remove_nh_grp_entry() publishes the new group via rcu_assign_pointer() then immediately frees the removed entry's percpu stats with free_percpu(). However, the synchronize_net() grace period in the caller remove_nexthop_from_groups() runs after the free. RCU readers that entered before the publish still see the old group and can dereference the freed stats via nh_grp_entry_stats_inc() -> get_cpu_ptr(nhge->stats), causing a use-after-free on percpu memory. Fix by deferring the free_percpu() until after synchronize_net() in the caller. Removed entries are chained via nh_list onto a local deferred free list. After the grace period completes and all RCU readers have finished, the percpu stats are safely freed.
CVE-2026-43376 1 Linux 1 Linux Kernel 2026-05-15 9.8 Critical
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using call_rcu() for oplock_info ksmbd currently frees oplock_info immediately using kfree(), even though it is accessed under RCU read-side critical sections in places like opinfo_get() and proc_show_files(). Since there is no RCU grace period delay between nullifying the pointer and freeing the memory, a reader can still access oplock_info structure after it has been freed. This can leads to a use-after-free especially in opinfo_get() where atomic_inc_not_zero() is called on already freed memory. Fix this by switching to deferred freeing using call_rcu().
CVE-2026-40408 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-15 7.8 High
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
CVE-2026-40410 1 Microsoft 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more 2026-05-15 7 High
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.
CVE-2026-40415 1 Microsoft 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more 2026-05-15 8.1 High
Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
CVE-2025-48521 2026-05-15 N/A
Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash.
CVE-2026-8390 1 Mozilla 1 Firefox 2026-05-14 7.3 High
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3.
CVE-2026-34347 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-14 7 High
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2026-35418 1 Microsoft 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more 2026-05-14 7.8 High
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-34331 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-14 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2026-34333 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-14 7.8 High
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2026-34338 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-14 7.8 High
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-32161 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-14 7.5 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent network.
CVE-2026-33835 1 Microsoft 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more 2026-05-14 7.8 High
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-42825 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-14 7 High
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.