Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,539)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-28469 1Arm 2Avalon Gpu Kernel Driver Valhall Gpu Kernel Driver Jun 17, 2026 Jun 2, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r42p0 before r43p0,...Show more An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.Show less
CVE-2023-2985 1Linux 1Linux Kernel Jun 17, 2026 Jun 1, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.
CVE-2023-2598 2Linux Netapp 2Hci Baseboard Management Controller Linux Kernel Jun 17, 2026 Jun 1, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This f...Show more A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.Show less
CVE-2023-2933 1Google 1Chrome Jun 17, 2026 May 30, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
CVE-2023-2932 1Google 1Chrome Jun 17, 2026 May 30, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
CVE-2023-2931 1Google 1Chrome Jun 17, 2026 May 30, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
CVE-2023-2930 1Google 1Chrome Jun 17, 2026 May 30, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium sec...Show more Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2023-28319 3Apple HaxxNetapp 8Clustered Data Ontap CurlH300s Firmware+5 more Jun 17, 2026 May 26, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprin...Show more A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.Show less
CVE-2023-31518 1Teeworlds 1Teeworlds Jun 17, 2026 May 23, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via a crafted map file.
CVE-2023-33288 1Linux 1Linux Kernel Jun 17, 2026 May 22, 2023 N/A· v4 4.7 MEDIUM· v3 N/A· v2 An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race conditio...Show more An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.Show less
CVE-2020-36694 1Linux 1Linux Kernel Jun 17, 2026 May 21, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules repl...Show more An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. NOTE: cc00bca was reverted in 5.12.Show less
CVE-2023-33250 2Linux Netapp 5H300s Firmware H410s FirmwareH500s Firmware+2 more Jun 17, 2026 May 21, 2023 N/A· v4 4.4 MEDIUM· v3 N/A· v2 The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c.
CVE-2023-30470 1Facebook 1Hermes Jun 17, 2026 May 18, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve r...Show more A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.Show less
CVE-2023-28081 1Facebook 1Hermes Jun 17, 2026 May 18, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this...Show more A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.Show less
CVE-2023-24833 1Facebook 1Hermes Jun 17, 2026 May 18, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A use-after-free in BigIntPrimitive addition in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by an attacker to leak raw data from Hermes VM’s heap. Note that this is only exploitab...Show more A use-after-free in BigIntPrimitive addition in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by an attacker to leak raw data from Hermes VM’s heap. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.Show less
CVE-2023-1195 1Linux 1Linux Kernel Jun 17, 2026 May 18, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointe...Show more A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.Show less
CVE-2023-1859 1Linux 1Linux Kernel Jun 17, 2026 May 17, 2023 N/A· v4 4.7 MEDIUM· v3 N/A· v2 A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly le...Show more A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.Show less
CVE-2023-2203 2Redhat Webkitgtk 5Enterprise Linux Enterprise Linux EusEnterprise Linux Server Aus+2 more Jun 17, 2026 May 17, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causin...Show more A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.Show less
CVE-2023-31725 1Yasm Project 1Yasm Jun 17, 2026 May 17, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c.
CVE-2023-2725 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Jun 17, 2026 May 16, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium se...Show more Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)Show less

Previous 1...193194195...377 Next