CWE-416
7,541 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,541)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
.NET and Visual Studio Remote Code Execution Vulnerability |
Windows Hello Remote Code Execution Vulnerability |
1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 moreJun 17, 2026 Jun 14, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Media Remote Code Execution Vulnerability |
1Microsoft 5Windows 10 21h2 Windows 10 22h2Windows 11 21h2+2 moreJun 17, 2026 Jun 14, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 moreJun 17, 2026 Jun 14, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows GDI Elevation of Privilege Vulnerability |
3Debian FedoraprojectGoogle3Chrome Debian LinuxFedoraJun 17, 2026 Jun 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
3Debian FedoraprojectGoogle3Chrome Debian LinuxFedoraJun 17, 2026 Jun 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
3Debian FedoraprojectGoogle3Chrome Debian LinuxFedoraJun 17, 2026 Jun 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) |
A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fai...Show more |
NanoMQ 0.16.5 is vulnerable to heap-use-after-free in the nano_ctx_send function of nmq_mqtt.c. |
3Debian LinuxNetapp3Debian Linux Hci Baseboard Management ControllerLinux KernelJun 17, 2026 Jun 9, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel...Show more |
A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data...Show more |
CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c. |
Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process.
|
1Hornerautomation 2Cscape Cscape EnvisionrvJun 17, 2026 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerabi...Show more |
2Google Linuxfoundation3Android Iot YoctoYoctoJun 17, 2026 Jun 6, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07...Show more |
1Qualcomm 49Aqt1000 Firmware Qam8255p FirmwareQca6420 Firmware+46 moreJun 17, 2026 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption due to use after free in Core when multiple DCI clients register and deregister. |
3Debian LinuxNetapp7Debian Linux H300s FirmwareH410c Firmware+4 moreJun 17, 2026 Jun 5, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defra...Show more |
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Foc...Show more |
1Mozilla 4Firefox Firefox EsrFocus+1 moreJun 17, 2026 Jun 2, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability aff...Show more |