CWE-416
7,675 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,675)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being reference...Show more |
A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a poin...Show more |
There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation req...Show more |
Use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 146.0.1. |
1Qualcomm 18Fastconnect 6900 Firmware Fastconnect 7800 FirmwareQca0000 Firmware+15 moreJun 17, 2026 Dec 18, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application. |
1Qualcomm 110Ar8031 Firmware Ar8035 FirmwareCsra6620 Firmware+107 moreJun 17, 2026 Dec 18, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while handling IOCTL calls to set mode. |
1Qualcomm 111Csra6620 Firmware Csra6640 FirmwareFastconnect 6200 Firmware+108 moreJun 17, 2026 Dec 18, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption during video playback when video session open fails with time out error. |
1Apple 4Ipados Iphone OsMacos+1 moreJun 17, 2026 Dec 17, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web conte...Show more |
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2....Show more |
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. Processing...Show more |
Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) |
A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function read_audio_data of the file /whisper.cpp/examples/common-whisper.cpp. The manipulation results in use after free. The attack requ...Show more |
In AzeoTech DAQFactory release 20.7 (Build 2555), a use after free vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the...Show more |
In bigo_worker_thread of private/google-modules/video/gchips/bigo.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges ne...Show more |
In bigo_map of bigo_iommu.c, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege in the OS Kernel level with System execution privileges needed. User inte...Show more |
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. D...Show more |
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc() while internal objects are still in use can cause premature releas...Show more |
1Microsoft 12Windows 10 1607 Windows 10 1809Windows 10 21h2+9 moreJun 17, 2026 Dec 9, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. |
1Microsoft 4Windows 11 24h2 Windows 11 25h2Windows Server 2022 23h2+1 moreJun 17, 2026 Dec 9, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. |