CWE-416
7,549 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,549)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Debian Linux2Debian Linux Linux KernelJun 17, 2026 Jan 11, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. |
2Debian Linux2Debian Linux Linux KernelJun 17, 2026 Jan 11, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. |
2Debian Linux2Debian Linux Linux KernelJun 17, 2026 Jan 11, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. |
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. |
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, iOS 15.8.7 and iPadOS 15.8.7. An app may be able to execute arbitrary code with kernel privileges. |
1Apple 6Ipados Iphone OsMacos+3 moreJun 17, 2026 Jan 10, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execut...Show more |
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to execute arbitrary code with kernel privi...Show more |
1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 moreJun 17, 2026 Jan 9, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Remote Desktop Client Remote Code Execution Vulnerability |
1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 moreJun 17, 2026 Jan 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Win32k Elevation of Privilege Vulnerability |
1Microsoft 7Windows 10 21h2 Windows 10 22h2Windows 11 21h2+4 moreJun 17, 2026 Jan 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Subsystem for Linux Elevation of Privilege Vulnerability |
1Microsoft 6Windows Server 2008 Windows Server 2012Windows Server 2016+3 moreJun 17, 2026 Jan 9, 2024 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability |
2Canonical Linux2Linux Kernel Ubuntu LinuxJun 17, 2026 Jan 8, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 io_uring UAF, Unix SCM garbage collection |
2Canonical Linux2Linux Kernel Ubuntu LinuxJun 17, 2026 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. |
2Canonical Linux2Linux Kernel Ubuntu LinuxJun 17, 2026 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. |
2Canonical Linux2Linux Kernel Ubuntu LinuxJun 17, 2026 Jan 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. |
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious...Show more |
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious...Show more |
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious...Show more |
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious...Show more |
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious...Show more |