Fallos del tipo CWE-416

4172 resultados
CVE-2026-27915HIGHWindows UPnP Device Host Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2024-22920HIGHswftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c.EPSS 0.3%CVE-2026-40408HIGHWindows WAN ARP Driver Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2022-1419The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created iEPSS 0.3%CVE-2025-59215HIGHWindows Graphics Component Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-55228HIGHWindows Graphics Component Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-20924HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-20877HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-43716MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.EPSS 0.3%CVE-2021-39216MEDIUMUse after free passing `externref`s to Wasm in WasmtimeEPSS 0.3%CVE-2025-62569HIGHMicrosoft Brokering File System Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-20874HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-20873HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-32161HIGHWindows Native WiFi Miniport Driver Remote Code Execution VulnerabilityEPSS 0.3%CVE-2025-48752LOWIn the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the pthread_mutex is unlocked.EPSS 0.3%CVE-2026-20918HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2022-43652LOWBentley View SKP File Parsing Use-After-Free Information Disclosure VulnerabilityEPSS 0.3%CVE-2023-4208HIGHUse-after-free in Linux kernel's net/sched: cls_u32 componentEPSS 0.3%CVE-2021-4028A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a soEPSS 0.3%CVE-2026-9995HIGHUse after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a EPSS 0.3%