← Back
CWE-416

7,674 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,674)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Adobe
1Substance 3d Stager
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Substance 3d Stager
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Substance 3d Stager
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Intel
1Proset/wireless Wifi
Jun 17, 2026
May 13, 2025
7.0 HIGH· v4
6.1 MEDIUM· v3
N/A· v2
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
1Intel
1Proset/wireless Wifi
Jun 17, 2026
May 13, 2025
7.2 HIGH· v4
8.0 HIGH· v3
N/A· v2
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
1Intel
1Proset/wireless Wifi
Jun 17, 2026
May 13, 2025
8.3 HIGH· v4
7.4 HIGH· v3
N/A· v2
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
1Microsoft
15Windows 10 1507
Windows 10 1607Windows 10 1809+12 more
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
1Microsoft
15Windows 10 1507
Windows 10 1607Windows 10 1809+12 more
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
1Microsoft
2365 Apps
Office Long Term Servicing Channel
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
1Microsoft
4365 Apps
365 CopilotOffice+1 more
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
1Microsoft
14Windows 10 1607
Windows 10 1809Windows 10 21h2+11 more
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
1Microsoft
5365 Apps
ExcelOffice+2 more
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
1Microsoft
2365 Apps
Office Long Term Servicing Channel
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
1Microsoft
5365 Apps
ExcelOffice+2 more
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
1Microsoft
3Windows 11 24h2
Windows Server 2022 23h2Windows Server 2025
Jun 17, 2026
May 13, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
1Microsoft
8Windows 10 21h2
Windows 10 22h2Windows 11 22h2+5 more
Jun 17, 2026
May 13, 2025
N/A· v4
7.0 HIGH· v3
N/A· v2
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
1Microsoft
7Windows Server 2008
Windows Server 2012Windows Server 2016+4 more
Jun 17, 2026
May 13, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
1Apple
6Ipados
Iphone OsMacos+3 more
Jun 17, 2026
May 12, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5...Show more
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Parsing a file may lead to an unexpected app termination.Show less
1Linux
1Linux Kernel
Jun 17, 2026
May 10, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. It will be...Show more
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. It will be started in btsdio_send_frame. If the btsdio_remove runs with a unfinished work, there may be a race condition that hdev is freed but used in btsdio_work. Fix it by canceling the work before do cleanup in btsdio_remove.Show less