Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,529)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-28980 1Juniper 2Junos Junos Os Evolved Jun 17, 2026 Apr 17, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib shard...Show more A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib sharding scenario the rpd process will crash shortly after specific CLI command is issued. This issue is more likely to occur in a scenario with high route scale (>1M routes). This issue affects: Juniper Networks Junos OS * 20.2 version 20.2R3-S5 and later versions prior to 20.2R3-S6; * 20.3 version 20.3R3-S2 and later versions prior to 20.3R3-S5; * 20.4 version 20.4R3-S1 and later versions prior to 20.4R3-S4 * 21.1 version 21.1R3 and later versions prior to 21.1R3-S3; * 21.2 version 21.2R1-S2, 21.2R2-S1 and later versions prior to 21.2R3-S2; * 21.3 version 21.3R2 and later versions prior to 21.3R3; * 21.4 versions prior to 21.4R2-S1, 21.4R3; * 22.1 versions prior to 22.1R2. Juniper Networks Junos OS Evolved * 20.4-EVO version 20.4R3-S1-EVO and later versions prior to 20.4R3-S6-EVO; * 21.2-EVO version 21.2R1-S2-EVO and later versions prior to 21.2R3-S4-EVO; * 21.3-EVO version 21.3R2-EVO and later versions prior to 21.3R3-S1-EVO; * 21.4-EVO versions prior to 21.4R2-S1-EVO, 21.4R3-EVO; * 22.1-EVO versions prior to 22.1R2-EVO. Show less
CVE-2023-30772 1Linux 1Linux Kernel Jun 17, 2026 Apr 16, 2023 N/A· v4 6.4 MEDIUM· v3 N/A· v2 The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.
CVE-2023-29132 1Irssi 1Irssi Jun 17, 2026 Apr 14, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line.
CVE-2023-26414 1Adobe 1Substance 3d Designer Jun 17, 2026 Apr 13, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-26410 1Adobe 1Substance 3d Designer Jun 17, 2026 Apr 13, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-33298 1Qualcomm 77Aqt1000 Firmware Qca6310 FirmwareQca6320 Firmware+74 more Jun 17, 2026 Apr 13, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption due to use after free in Modem while modem initialization.
CVE-2023-26392 1Adobe 1Substance 3d Stager Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires us...Show more Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-26384 1Adobe 1Substance 3d Stager Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires us...Show more Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-22235 1Adobe 1Incopy Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 InCopy versions 18.1 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more InCopy versions 18.1 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-26424 1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 more Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-26423 1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 more Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-26422 1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 more Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-26420 1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 more Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-26419 1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 more Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-26418 1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 more Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-26417 1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 more Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exp...Show more Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2023-1990 1Linux 1Linux Kernel Jun 17, 2026 Apr 12, 2023 N/A· v4 4.7 MEDIUM· v3 N/A· v2 A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.
CVE-2023-1872 2Debian Linux 2Debian Linux Linux Kernel Jun 17, 2026 Apr 12, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-Aft...Show more A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.Show less
CVE-2023-1829 1Linux 1Linux Kernel Jun 17, 2026 Apr 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in...Show more A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.Show less
CVE-2023-28308 1Microsoft 5Windows Server 2008 Windows Server 2012Windows Server 2016+2 more Jun 17, 2026 Apr 11, 2023 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Windows DNS Server Remote Code Execution Vulnerability

Previous 1...195196197...377 Next