Total
7030 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20787 | 2 Google, Mediatek | 31 Android, Mt2718, Mt6739 and 28 more | 2026-02-26 | 6.7 Medium |
| In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658. | ||||
| CVE-2025-20804 | 2 Google, Mediatek | 3 Android, Mt6899, Mt6991 | 2026-02-26 | 6.7 Medium |
| In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10198951; Issue ID: MSV-4503. | ||||
| CVE-2025-20805 | 2 Google, Mediatek | 4 Android, Mt6899, Mt6991 and 1 more | 2026-02-26 | 6.7 Medium |
| In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114696; Issue ID: MSV-4480. | ||||
| CVE-2025-20806 | 2 Google, Mediatek | 4 Android, Mt6899, Mt6991 and 1 more | 2026-02-26 | 6.7 Medium |
| In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114835; Issue ID: MSV-4479. | ||||
| CVE-2026-20968 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2026-02-26 | 6.7 Medium |
| Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code. | ||||
| CVE-2026-20971 | 1 Samsung | 3 Android, Mobile, Mobile Devices | 2026-02-26 | 7.8 High |
| Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code. | ||||
| CVE-2025-33217 | 1 Nvidia | 6 Display Driver, Geforce, Quadro and 3 more | 2026-02-26 | 7.8 High |
| NVIDIA Display Driver for Windows contains a vulnerability where an attacker could trigger a use after free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. | ||||
| CVE-2025-33220 | 1 Nvidia | 6 Geforce, Quadro, Rtx and 3 more | 2026-02-26 | 7.8 High |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. | ||||
| CVE-2026-20411 | 2 Google, Mediatek | 26 Android, Mt6781, Mt6878 and 23 more | 2026-02-26 | 7.8 High |
| In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5737. | ||||
| CVE-2026-20414 | 2 Google, Mediatek | 9 Android, Mt6897, Mt6989 and 6 more | 2026-02-26 | 6.7 Medium |
| In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625. | ||||
| CVE-2026-20822 | 1 Microsoft | 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more | 2026-02-26 | 7.8 High |
| Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-47358 | 1 Qualcomm | 43 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 40 more | 2026-02-26 | 7.8 High |
| Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently. | ||||
| CVE-2025-47359 | 1 Qualcomm | 75 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 72 more | 2026-02-26 | 7.8 High |
| Memory Corruption when multiple threads simultaneously access a memory free API. | ||||
| CVE-2026-20842 | 1 Microsoft | 14 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 11 more | 2026-02-26 | 7 High |
| Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20844 | 1 Microsoft | 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more | 2026-02-26 | 7.4 High |
| Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-47398 | 1 Qualcomm | 307 Ar8031, Ar8031 Firmware, Csra6620 and 304 more | 2026-02-26 | 7.8 High |
| Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers. | ||||
| CVE-2026-20858 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20859 | 1 Microsoft | 5 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 2 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20865 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20877 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | ||||