CWE-416
7,666 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,666)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally. |
1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 moreJun 17, 2026 Apr 8, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Apr 8, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Apr 8, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network. |
1Microsoft 6Windows 11 22h2 Windows 11 23h2Windows 11 24h2+3 moreJun 17, 2026 Apr 8, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally. |
1Microsoft 9Windows 10 1809 Windows 10 21h2Windows 10 22h2+6 moreJun 17, 2026 Apr 8, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. |
c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in read_answers() when process_answer() may re-enqueue a query either due to a DNS Cookie Failure or when the upstream ser...Show more |
1Qualcomm 31Qam8255p Firmware Qam8295p FirmwareQam8620p Firmware+28 moreJun 17, 2026 Apr 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while processing memory map or unmap IOCTL operations simultaneously. |
1Qualcomm 25Fastconnect 7800 Firmware Qmp1000 FirmwareSm8735 Firmware+22 moreJun 17, 2026 Apr 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads. |
1Qualcomm 145Ar8035 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+142 moreJun 17, 2026 Apr 7, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Memory corruption while processing multiple IOCTL calls from HLOS to DSP. |
1Qualcomm 44C V2x 9150 Firmware Fastconnect 6800 FirmwareFastconnect 6900 Firmware+41 moreJun 17, 2026 Apr 7, 2025 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Memory corruption while processing IOCTL calls to add route entry in the HW. |
1Qualcomm 68C V2x 9150 Firmware Fastconnect 6200 FirmwareFastconnect 6800 Firmware+65 moreJun 17, 2026 Apr 7, 2025 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Memory corruption while invoking IOCTL map buffer request from userspace. |
1Qualcomm 98Csrb31024 Firmware Fastconnect 6200 FirmwareFastconnect 6700 Firmware+95 moreJun 17, 2026 Apr 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while handling file descriptor during listener registration/de-registration. |
In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory la...Show more |
Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network. |
XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash....Show more |
In the Linux kernel, the following vulnerability has been resolved:
net: atm: fix use after free in lec_send()
The ->send() operation frees skb so save the length before calling
->send() to avoid a use after free. |
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it...Show more |
Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |