← Back
CWE-416

7,645 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,645)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Linux
1Linux Kernel
Jun 17, 2026
Oct 9, 2024
N/A· v4
5.5 MEDIUM· v3
N/A· v2
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, s...Show more
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when a phy control response comes late. After 300 ms the pm8001_phy_control() function returns and the passed enable_completion stack address is no longer valid. Late phy control response invokes complete() on a dangling enable_completion pointer which leads to a kernel crash.Show less
1Adobe
1Substance 3d Stager
Jun 17, 2026
Oct 9, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Substance3D - Stager versions 3.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more
Substance3D - Stager versions 3.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
2Debian
Mozilla
3Debian Linux
FirefoxThunderbird
Jun 17, 2026
Oct 9, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affec...Show more
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.Show less
1Adobe
1Animate
Jun 17, 2026
Oct 9, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera...Show more
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Animate
Jun 17, 2026
Oct 9, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera...Show more
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Animate
Jun 17, 2026
Oct 9, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera...Show more
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Animate
Jun 17, 2026
Oct 9, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera...Show more
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Animate
Jun 17, 2026
Oct 9, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera...Show more
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Dimension
Jun 17, 2026
Oct 9, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Dimension versions 4.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction i...Show more
Dimension versions 4.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Microsoft
15Windows 10 1507
Windows 10 1607Windows 10 1809+12 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Remote Desktop Client Remote Code Execution Vulnerability
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
8.1 HIGH· v3
N/A· v2
Remote Desktop Protocol Server Remote Code Execution Vulnerability
1Microsoft
8Windows 10 21h2
Windows 10 22h2Windows 11 21h2+5 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
8.3 HIGH· v3
N/A· v2
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
1Microsoft
15Windows 10 1507
Windows 10 1607Windows 10 1809+12 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
7.0 HIGH· v3
N/A· v2
Windows Kernel Elevation of Privilege Vulnerability
1Microsoft
15Windows 10 1507
Windows 10 1607Windows 10 1809+12 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Windows Graphics Component Elevation of Privilege Vulnerability
1Microsoft
4Windows 11 22h2
Windows 11 23h2Windows 11 24h2+1 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
7.3 HIGH· v3
N/A· v2
Windows Shell Remote Code Execution Vulnerability
1Microsoft
15Windows 10 1507
Windows 10 1607Windows 10 1809+12 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
7.0 HIGH· v3
N/A· v2
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
1Microsoft
6Windows 11 21h2
Windows 11 22h2Windows 11 23h2+3 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Remote Desktop Client Remote Code Execution Vulnerability
1Microsoft
15Windows 10 1507
Windows 10 1607Windows 10 1809+12 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Windows Graphics Component Elevation of Privilege Vulnerability
1Microsoft
4365 Apps
ExcelOffice+1 more
Jun 17, 2026
Oct 8, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Microsoft Excel Remote Code Execution Vulnerability
1Microsoft
2.net
Visual Studio 2022
Jun 17, 2026
Oct 8, 2024
N/A· v4
8.1 HIGH· v3
N/A· v2
.NET and Visual Studio Remote Code Execution Vulnerability