CWE-825
34 CVEs classified under CWE-825. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-23310 | Critical | 9.8 | 2024-02-20 | A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially cra… |
CVE-2023-48316 | Critical | 9.8 | 2023-12-05 | Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execu… |
CVE-2025-49794 | Critical | 9.1 | 2025-06-16 | A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the… |
CVE-2023-48692 | Critical | 9.1 | 2023-12-05 | Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execu… |
CVE-2023-48315 | High | 8.8 | 2023-12-05 | Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execu… |
CVE-2026-7111 | High | 8.4 | 2026-04-29 | Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or m… |
CVE-2026-34001 | High | 7.8 | 2026-04-23 | A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFenc… |
CVE-2026-30978 | High | 7.8 | 2026-03-10 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-use-after-free in CIccCmm::AddXf… |
CVE-2024-8250 | High | 7.8 | 2024-08-28 | NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file |
CVE-2026-8854 | High | 7.5 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache. |
CVE-2026-32873 | High | 7.5 | 2026-03-20 | ewe is a Gleam web server. Versions 0.8.0 through 3.0.4 contain a bug in the handle_trailers function where rejected trailer headers (forbidden or undeclared)… |
CVE-2025-49795 | High | 7.5 | 2025-06-16 | A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML inpu… |
CVE-2024-39792 | High | 7.5 | 2024-08-14 | When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software v… |
CVE-2023-20212 | High | 7.5 | 2023-08-18 | A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected devi… |
CVE-2025-12119 | Medium | 6.8 | 2025-11-18 | A mongoc_bulk_operation_t may read invalid memory if large options are passed. |
CVE-2023-48698 | Medium | 6.8 | 2023-12-05 | Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code… |
CVE-2023-48694 | Medium | 6.8 | 2023-12-05 | Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code… |
CVE-2026-5165 | Medium | 6.7 | 2026-03-30 | A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resul… |
CVE-2024-45105 | Medium | 6.7 | 2024-09-13 | An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local at… |
CVE-2023-48696 | Medium | 6.7 | 2023-12-05 | Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code… |