CWE-416
7,674 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,674)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires us...Show more |
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires us...Show more |
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires us...Show more |
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires us...Show more |
InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...Show more |
InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...Show more |
InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...Show more |
InCopy versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interacti...Show more |
Animate versions 23.0.12, 24.0.9 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must op...Show more |
Animate versions 23.0.12, 24.0.9 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user inter...Show more |
1Microsoft 2365 Apps Office Long Term Servicing ChannelJun 17, 2026 Aug 12, 2025 N/A· v4 8.4 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. |
1Microsoft 3365 Apps OfficeOffice Long Term Servicing ChannelJun 17, 2026 Aug 12, 2025 N/A· v4 8.4 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
1Microsoft 5365 Apps ExcelOffice+2 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
1Microsoft 3365 Apps OfficeOffice Long Term Servicing ChannelJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. |
1Microsoft 3365 Apps OfficeOffice Long Term Servicing ChannelJun 17, 2026 Aug 12, 2025 N/A· v4 8.4 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
1Microsoft 3365 Apps OfficeOffice Long Term Servicing ChannelJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. |
1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |