| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability |
| Microsoft Brokering File System Elevation of Privilege Vulnerability |
| Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability |
| Windows Telephony Service Remote Code Execution Vulnerability |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office Remote Code Execution Vulnerability |
| In the Linux kernel, the following vulnerability has been resolved:
HID: uclogic: Correct devm device reference for hidinput input_dev name
Reference the HID device rather than the input device for the devm
allocation of the input_dev name. Referencing the input_dev would lead to a
use-after-free when the input_dev was unregistered and subsequently fires a
uevent that depends on the name. At the point of firing the uevent, the
name would be freed by devres management.
Use devm_kasprintf to simplify the logic for allocating memory and
formatting the input_dev name string. |
| In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
Under high concurrency, A tree-connection object (tcon) is freed on
a disconnect path while another path still holds a reference and later
executes *_put()/write on it. |
| Memory corruption during concurrent SSR execution due to race condition on the global maps list. |
| Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Memory corruption during concurrent access to server info object due to incorrect reference count update. |
| Memory corruption during concurrent buffer access due to modification of the reference count. |
| Memory corruption while encoding JPEG format. |
| Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations. |
| Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network. |
| In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution. |
