Search
Search Results (7849 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-47335 | 1 Linux | 1 Linux Kernel | 2025-07-11 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances As syzbot reported, there is an use-after-free issue during f2fs recovery: Use-after-free write at 0xffff88823bc16040 (in kfence-#10): kmem_cache_destroy+0x1f/0x120 mm/slab_common.c:486 f2fs_recover_fsync_data+0x75b0/0x8380 fs/f2fs/recovery.c:869 f2fs_fill_super+0x9393/0xa420 fs/f2fs/super.c:3945 mount_bdev+0x26c/0x3a0 fs/super.c:1367 legacy_get_tree+0xea/0x180 fs/fs_context.c:592 vfs_get_tree+0x86/0x270 fs/super.c:1497 do_new_mount fs/namespace.c:2905 [inline] path_mount+0x196f/0x2be0 fs/namespace.c:3235 do_mount fs/namespace.c:3248 [inline] __do_sys_mount fs/namespace.c:3456 [inline] __se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3433 do_syscall_64+0x3f/0xb0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae The root cause is multi f2fs filesystem instances can race on accessing global fsync_entry_slab pointer, result in use-after-free issue of slab cache, fixes to init/destroy this slab cache only once during module init/destroy procedure to avoid this issue. | ||||
| CVE-2025-1704 | 1 Google | 1 Chrome Os | 2025-07-11 | 6.5 Medium |
| ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devices and intercept device management requests via loading components from the unencrypted stateful partition. | ||||
| CVE-2025-1290 | 2 Google, Linux | 2 Chrome Os, Linux Kernel | 2025-07-11 | 8.1 High |
| A race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtio_vsock_sock structure during an AF_VSOCK connect syscall can occur before a worker thread accesses it resulting in a dangling pointer and potential kernel code execution. | ||||
| CVE-2023-29325 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-07-10 | 8.1 High |
| Windows OLE Remote Code Execution Vulnerability | ||||
| CVE-2023-24953 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-07-10 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2023-24947 | 1 Microsoft | 7 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 4 more | 2025-07-10 | 8.8 High |
| Windows Bluetooth Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-24903 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-07-10 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2024-43472 | 1 Microsoft | 1 Edge Chromium | 2025-07-10 | 5.8 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2024-38171 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-07-10 | 7.8 High |
| Microsoft PowerPoint Remote Code Execution Vulnerability | ||||
| CVE-2024-38158 | 1 Microsoft | 1 Azure Iot Hub Device Client Sdk | 2025-07-10 | 7 High |
| Azure IoT SDK Remote Code Execution Vulnerability | ||||
| CVE-2024-38157 | 1 Microsoft | 1 Azure Iot Hub Device Client Sdk | 2025-07-10 | 7 High |
| Azure IoT SDK Remote Code Execution Vulnerability | ||||
| CVE-2024-38150 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2025-07-10 | 7.8 High |
| Windows DWM Core Library Elevation of Privilege Vulnerability | ||||
| CVE-2024-38147 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2025-07-10 | 7.8 High |
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | ||||
| CVE-2024-38141 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-10 | 7.8 High |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | ||||
| CVE-2024-38140 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | 9.8 Critical |
| Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | ||||
| CVE-2024-38138 | 1 Microsoft | 4 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 1 more | 2025-07-10 | 7.5 High |
| Windows Deployment Services Remote Code Execution Vulnerability | ||||
| CVE-2024-38137 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2025-07-10 | 7 High |
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | ||||
| CVE-2024-38136 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-07-10 | 7 High |
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | ||||
| CVE-2024-38199 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | 9.8 Critical |
| Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | ||||
| CVE-2024-38159 | 1 Microsoft | 2 Windows 10 1607, Windows Server 2016 | 2025-07-10 | 9.1 Critical |
| Windows Network Virtualization Remote Code Execution Vulnerability | ||||