CWE-416
7,549 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,549)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. A specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which...Show more |
Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it i...Show more |
2Debian Mozilla4Debian Linux FirefoxFirefox Esr+1 moreJun 17, 2026 Nov 21, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. |
2Debian Mozilla4Debian Linux FirefoxFirefox Esr+1 moreJun 17, 2026 Nov 21, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbir...Show more |
2Fedoraproject Imagemagick3Extra Packages For Enterprise Linux FedoraImagemagickJun 17, 2026 Nov 19, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. |
Liblisp through commit 4c65969 was discovered to contain a use-after-free vulnerability in void hash_destroy(hash_table_t *h) at hash.c |
Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has be...Show more |
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this i...Show more |
Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypas...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 moreJun 17, 2026 Nov 16, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 moreJun 17, 2026 Nov 16, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 moreJun 17, 2026 Nov 16, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 moreJun 17, 2026 Nov 16, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vu...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 moreJun 17, 2026 Nov 16, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 moreJun 17, 2026 Nov 16, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more |
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c. |
3Debian FedoraprojectGoogle3Chrome Debian LinuxFedoraJun 17, 2026 Nov 15, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
3Debian FedoraprojectGoogle3Chrome Debian LinuxFedoraJun 17, 2026 Nov 15, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
1Intel 1Aptio V Uefi Firmware Integrator Tools Jun 17, 2026 Nov 14, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Use after free in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allowed an authenticated user to potentially enable denial of service via local access. |