Weaknesses of type CWE-416

4,151 results
CVE-2026-27915HIGHWindows UPnP Device Host Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-40408HIGHWindows WAN ARP Driver Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-20924HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-62569HIGHMicrosoft Brokering File System Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-32161HIGHWindows Native WiFi Miniport Driver Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-20873HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-20877HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-43716MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.EPSS 0.3%CVE-2026-20874HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-48752LOWIn the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the pthread_mutex is unlocked.EPSS 0.3%CVE-2021-39216MEDIUMUse after free passing `externref`s to Wasm in WasmtimeEPSS 0.3%CVE-2026-20918HIGHWindows Management Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2021-4028A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a soEPSS 0.3%CVE-2023-4208HIGHUse-after-free in Linux kernel's net/sched: cls_u32 componentEPSS 0.3%CVE-2026-9995HIGHUse after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a EPSS 0.3%CVE-2022-43652LOWBentley View SKP File Parsing Use-After-Free Information Disclosure VulnerabilityEPSS 0.3%CVE-2025-29699MEDIUMNetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function.EPSS 0.3%CVE-2025-62788MEDIUMWazuh Vulnerable to Heap Use After Free in w_copy_event_for_logEPSS 0.3%CVE-2026-20644MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOSEPSS 0.3%CVE-2026-21908HIGHJunos OS and Junos OS Evolved: Use after free vulnerability In 802.1X authentication daemon can cause crash of the dot1xd processEPSS 0.3%