Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,541)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-3731 1Google 1Chrome Jun 17, 2026 Aug 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Diagnostics in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Ext...Show more Use after free in Diagnostics in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)Show less
CVE-2023-3730 1Google 1Chrome Jun 17, 2026 Aug 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Tab Groups in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (C...Show more Use after free in Tab Groups in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2023-3729 1Google 1Chrome Jun 17, 2026 Aug 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Splitscreen in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted U...Show more Use after free in Splitscreen in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (Chromium security severity: High)Show less
CVE-2023-3728 1Google 1Chrome Jun 17, 2026 Aug 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3727 1Google 1Chrome Jun 17, 2026 Aug 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4004 5Debian FedoraprojectLinux+2 more 8Debian Linux Enterprise LinuxFedora+5 more Jun 17, 2026 Jul 31, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the...Show more A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.Show less
CVE-2022-4924 1Google 1Chrome Jun 17, 2026 Jul 29, 2023 N/A· v4 9.6 CRITICAL· v3 N/A· v2 Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security sever...Show more Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2022-4921 1Google 1Chrome Jun 17, 2026 Jul 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium s...Show more Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)Show less
CVE-2022-4919 1Google 1Chrome Jun 17, 2026 Jul 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4918 1Google 1Chrome Jun 17, 2026 Jul 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4916 1Google 1Chrome Jun 17, 2026 Jul 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2021-4322 1Google 1Chrome Jun 17, 2026 Jul 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in DevTools in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security sev...Show more Use after free in DevTools in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)Show less
CVE-2021-4320 1Google 1Chrome Jun 17, 2026 Jul 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Blink in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Hig...Show more Use after free in Blink in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2021-4319 1Google 1Chrome Jun 17, 2026 Jul 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2021-4317 1Google 1Chrome Jun 17, 2026 Jul 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2023-38598 1Apple 5Ipados Iphone OsMacos+2 more Jun 17, 2026 Jul 28, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, ma...Show more A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.Show less
CVE-2023-35993 1Apple 5Ipados Iphone OsMacos+2 more Jun 17, 2026 Jul 27, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 1...Show more A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.Show less
CVE-2023-32433 1Apple 5Ipados Iphone OsMacos+2 more Jun 17, 2026 Jul 27, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 1...Show more A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.Show less
CVE-2023-32381 1Apple 5Ipados Iphone OsMacos+2 more Jun 17, 2026 Jul 27, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may b...Show more A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.Show less
CVE-2023-38669 1Paddlepaddle 1Paddlepaddle Jun 17, 2026 Jul 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition.

Previous 1...187188189...378 Next