use after free

Microsoft has published a security advisory and accompanying fixes for CVE-2025-58737, a use‑after‑free vulnerability in Windows Remote Desktop that can lead to local remote code execution when exploited under specific conditions. The advisory and industry trackers indicate the vulnerability was...

Microsoft has published an advisory for CVE-2025-59238, a use‑after‑free vulnerability in Microsoft PowerPoint that can allow an attacker to execute arbitrary code on a local system when a user opens a crafted presentation. Microsoft’s advisory and multiple third‑party trackers place the CVSS...

Microsoft has published an advisory for CVE-2025-58718, a high-severity use‑after‑free vulnerability in the Remote Desktop Client that can lead to remote code execution when a user connects to a malicious RDP server; the weakness received a CVSS v3.1 base score of 8.8 and should be treated as an...

Microsoft has published an advisory for CVE-2025-58718, a high‑severity use‑after‑free vulnerability in the Remote Desktop Client that can allow a malicious RDP server to execute arbitrary code on a client that connects to it; the vendor and multiple independent trackers assign a CVSS v3.1 base...

Microsoft’s October Patch Tuesday closed a cluster of use‑after‑free bugs in Windows “Inbox COM Objects” — one of which, tracked as CVE‑2025‑58735, is described by Microsoft and multiple independent trackers as a high‑impact memory‑corruption flaw that can lead to local code execution when a...

Microsoft has recorded CVE-2025-55686 as a use‑after‑free (CWE‑416) elevation‑of‑privilege flaw in the Windows PrintWorkflowUserSvc, a privileged print‑stack service, and Microsoft’s advisory plus independent trackers list it with a High (7.0) CVSS v3.1 base score — a local attack that can let a...

A newly reported elevation‑of‑privilege issue tied to Windows push/notification components has reignited concern about memory‑safety defects in user‑facing Windows subsystems — however, the precise CVE identifier you provided (CVE‑2025‑53725) could not be independently verified in public vendor...

A critical security vulnerability has surfaced in Chromium, identified as CVE-2025-8576, raising urgent alarms for users of all Chromium-based browsers, including Microsoft Edge. This flaw, classified as a "use after free" in Extensions, exposes millions of users to potential cyberattacks...

A critical security vulnerability, identified as CVE-2025-8292, has been discovered in Google Chrome's Media Stream component. This "use after free" flaw allows remote attackers to exploit heap corruption through specially crafted HTML pages, potentially leading to arbitrary code execution. The...

The Microsoft Office Remote Code Execution Vulnerability, identified as CVE-2025-49695, has raised significant concerns within the cybersecurity community. This vulnerability stems from a "use after free" error in Microsoft Office, potentially allowing unauthorized attackers to execute arbitrary...

Here’s what is known about CVE-2025-49682: Title: Windows Media Elevation of Privilege Vulnerability Type: Use After Free Description: An authorized attacker can exploit a use-after-free vulnerability in Windows Media to locally elevate their privileges on an affected system. Attack Vector...

The Kernel Streaming WOW Thunk Service Driver, a critical component within the Windows operating system, has recently been identified as vulnerable to a significant security flaw, designated as CVE-2025-49675. This vulnerability, classified as a "use after free" issue, allows authenticated local...

Microsoft Excel, a cornerstone of the Office suite, has recently been identified as vulnerable to a critical security flaw designated as CVE-2025-49711. This vulnerability, stemming from a "use after free" error, permits unauthorized attackers to execute arbitrary code on affected systems...

A critical security vulnerability, identified as CVE-2025-47986, has been discovered in Microsoft's Universal Print Management Service. This flaw allows authorized local attackers to elevate their privileges by exploiting a "use after free" condition within the service. This vulnerability poses...

A recent security vulnerability, identified as CVE-2025-6555, has been discovered in Google Chrome's animation component. This "use after free" flaw allows remote attackers to potentially exploit heap corruption through specially crafted HTML pages. The vulnerability affects Chrome versions...

A critical security vulnerability, identified as CVE-2025-5958, has been discovered in the Chromium project, specifically affecting the Media component. This "use after free" flaw poses significant risks to users of Chromium-based browsers, including Google Chrome and Microsoft Edge...

A newly disclosed vulnerability, CVE-2025-47175, has sent ripples through the Windows and cybersecurity communities due to its potential impact on Microsoft PowerPoint—a staple of modern business, education, and government environments. This remote code execution vulnerability, classified as a...

Microsoft Office has long held a place of critical importance in the daily workflows of individuals, businesses, and institutions worldwide. Its ubiquity, however, also makes it a high-value target for cyber attackers seeking to exploit vulnerabilities for unauthorized access, data theft, or...

A critical security flaw tracked as CVE-2025-5068 has recently garnered significant attention among cybersecurity professionals, browser developers, and enterprise IT administrators alike. Identified within the Chromium project, this vulnerability relates to a "use after free" issue in Blink...

In May 2025, a critical security vulnerability identified as CVE-2025-5283 was discovered in the libvpx library, a widely used open-source video codec developed by Google and the Alliance for Open Media. This vulnerability, classified as a "use after free" flaw, poses significant risks to users...