CWE-416
7,688 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,688)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Use after free in TextEncoding in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Use after free in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium sec...Show more |
Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Use after free in Agents in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
When doing a second SMB request to the same host again, curl would wrongly use
a data pointer pointing into already freed memory. |
1Adobe 3Acrobat Acrobat DcAcrobat Reader DcJun 17, 2026 Mar 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o...Show more |
1Adobe 3Acrobat Acrobat DcAcrobat Reader DcJun 17, 2026 Mar 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o...Show more |
In VPU, there is a possible use-after-free read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
In vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...Show more |
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with apply_on_stream_done in the rate limit configuration is enab...Show more |
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager (FilterManager) that allows for Zombie Stream Filter Execution...Show more |
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more |
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more |
Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerabil...Show more |
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-use-after-free in CIccCmm::AddXform() causing invalid vptr dereference and crash. This vulner...Show more |
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally. |
1Microsoft 9Windows 10 21h2 Windows 10 22h2Windows 11 23h2+6 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
1Microsoft 5365 Apps ExcelOffice+2 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
1Microsoft 5Windows 10 1809 Windows 10 21h2Windows 10 22h2+2 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |