Total
7030 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47375 | 1 Qualcomm | 339 Ar8031, Ar8031 Firmware, Ar8035 and 336 more | 2026-03-09 | 7.8 High |
| Memory corruption while handling different IOCTL calls from the user-space simultaneously. | ||||
| CVE-2025-47386 | 1 Qualcomm | 341 Ar8031, Ar8031 Firmware, Ar8035 and 338 more | 2026-03-09 | 7.8 High |
| Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs. | ||||
| CVE-2026-28799 | 1 Pjsip | 1 Pjproject | 2026-03-09 | 7.5 High |
| PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework (evsub.c) that is triggered during presence unsubscription (SUBSCRIBE with Expires=0). This issue has been patched in version 2.17. | ||||
| CVE-2025-21836 | 1 Linux | 1 Linux Kernel | 2026-03-07 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: reallocate buf lists on upgrade IORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it was created for legacy selected buffer and has been emptied. It violates the requirement that most of the field should stay stable after publish. Always reallocate it instead. | ||||
| CVE-2025-47379 | 1 Qualcomm | 357 5g Fixed Wireless Access Platform, 5g Fixed Wireless Access Platform Firmware, Ar8031 and 354 more | 2026-03-06 | 7.8 High |
| Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources. | ||||
| CVE-2025-13350 | 1 Canonical | 1 Ubuntu Linux | 2026-03-06 | N/A |
| Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_skb() as if OOB SKBs held two references; on Ubuntu Linux 6.8 (Noble Numbat) kernel tree, they have only the queue reference, so the buffer is freed while still reachable and subsequent queue walks dereference freed memory, yielding a reliable local privilege escalation (LPE) caused by a use-after-free (UAF). Ubuntu builds that have already taken the new GC stack from commit 4090fa373f0e, and mainline Linux kernels shipping that infrastructure are unaffected because they no longer execute the legacy collector path. This issue affects Ubuntu Linux from 6.8.0-56.58 before 6.8.0-84.84. | ||||
| CVE-2023-43000 | 1 Apple | 7 Ios, Ipad Os, Ipados and 4 more | 2026-03-06 | 8.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2023-41974 | 1 Apple | 2 Ipados, Iphone Os | 2026-03-06 | 7.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2026-2804 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-03-06 | 5.4 Medium |
| Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | ||||
| CVE-2026-2799 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-03-06 | 8.8 High |
| Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | ||||
| CVE-2026-2797 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-03-06 | 8.8 High |
| Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | ||||
| CVE-2026-2786 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 8.8 High |
| Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||
| CVE-2026-2766 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 9.8 Critical |
| Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||
| CVE-2026-2765 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 9.8 Critical |
| Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||
| CVE-2026-2789 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 8.8 High |
| Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||
| CVE-2026-2787 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 8.8 High |
| Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||
| CVE-2026-2772 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 8.8 High |
| Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||
| CVE-2026-2770 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 8.8 High |
| Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||
| CVE-2026-2769 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 8.8 High |
| Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||
| CVE-2026-2764 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 9.8 Critical |
| JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||