CWE-416
7,688 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,688)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web conte...Show more |
Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium s...Show more |
Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity. |
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio...Show more |
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio...Show more |
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio...Show more |
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio...Show more |
After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio...Show more |
1Microsoft 13Windows 10 1607 Windows 10 1809Windows 10 21h2+10 moreJun 17, 2026 Feb 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally. |
1Microsoft 5Windows Server 2016 Windows Server 2019Windows Server 2022+2 moreJun 17, 2026 Feb 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally. |
1Microsoft 8Windows 10 21h2 Windows 10 22h2Windows 11 23h2+5 moreJun 17, 2026 Feb 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. |
1Microsoft 6Windows 11 23h2 Windows 11 24h2Windows 11 25h2+3 moreJun 17, 2026 Feb 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
1Microsoft 8Windows 10 21h2 Windows 10 22h2Windows 11 23h2+5 moreJun 17, 2026 Feb 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. |
1Microsoft 9Windows 10 1607 Windows 10 1809Windows 10 21h2+6 moreJun 17, 2026 Feb 10, 2026 N/A· v4 7.3 HIGH· v3 N/A· v2 Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. |
A vulnerability was found in ckolivas lrzip up to 0.651. This impacts the function lzma_decompress_buf of the file stream.c. Performing a manipulation results in use after free. Attacking locally is a requirement. The ex...Show more |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after f...Show more |
FreeRDP is a free implementation of the Remote Desktop Protocol. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reini...Show more |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_wr...Show more |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdl_Pointer_New frees data on failure, then pointer_free calls sdl_Pointer_Free and frees it again, triggering ASan UAF. This vulnerabilit...Show more |