CWE-416
7,674 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,674)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more |
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more |
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more |
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 moreJun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. |
1Microsoft 2365 Apps Office Long Term Servicing ChannelJun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
1Microsoft 4365 Apps 365 CopilotOffice+1 moreJun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 moreJun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
1Microsoft 5365 Apps ExcelOffice+2 moreJun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
1Microsoft 2365 Apps Office Long Term Servicing ChannelJun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. |
1Microsoft 5365 Apps ExcelOffice+2 moreJun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
1Microsoft 3Windows 11 24h2 Windows Server 2022 23h2Windows Server 2025Jun 17, 2026 May 13, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. |
1Microsoft 8Windows 10 21h2 Windows 10 22h2Windows 11 22h2+5 moreJun 17, 2026 May 13, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally. |
1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 moreJun 17, 2026 May 13, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. |
1Apple 6Ipados Iphone OsMacos+3 moreJun 17, 2026 May 12, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5...Show more |
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. It will be...Show more |