CWE-416
7,674 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,674)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally. |
1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
1Microsoft 5Windows 11 22h2 Windows 11 23h2Windows 11 24h2+2 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Kernel Transaction Manager allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
1Microsoft 2Windows 11 24h2 Windows Server 2025Jun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Aug 12, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. |
1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. |
1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally. |
1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Aug 12, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. |
Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must...Show more |
2Debian Linux2Debian Linux Linux KernelJun 17, 2026 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation...Show more |
Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple...Show more |
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally...Show more |
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An at...Show more |
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. |