Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,457)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-3449 1Google 1Chrome Jun 17, 2026 Nov 9, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (C...Show more Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)Show less
CVE-2022-3448 1Google 1Chrome Jun 17, 2026 Nov 9, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page....Show more Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2022-3445 1Google 1Chrome Jun 17, 2026 Nov 9, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3888 2Debian Google 2Chrome Debian Linux Jun 17, 2026 Nov 9, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3887 2Debian Google 2Chrome Debian Linux Jun 17, 2026 Nov 9, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3886 2Debian Google 2Chrome Debian Linux Jun 17, 2026 Nov 9, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3885 2Debian Google 2Chrome Debian Linux Jun 17, 2026 Nov 9, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-20447 1Google 1Android Jun 17, 2026 Nov 8, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interact...Show more In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233604485Show less
CVE-2022-32607 1Google 1Android Jun 17, 2026 Nov 8, 2022 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In aee, there is a possible use after free due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch I...Show more In aee, there is a possible use after free due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202891; Issue ID: ALPS07202891.Show less
CVE-2022-41663 1Siemens 2Jt2go Teamcenter Visualization Jun 17, 2026 Nov 8, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V1...Show more A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.Show less
CVE-2021-39432 1Diplib 1Diplib Jun 17, 2026 Nov 4, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 diplib v3.0.0 is vulnerable to Double Free.
CVE-2022-3659 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specifi...Show more Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: Medium)Show less
CVE-2022-3658 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via sp...Show more Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)Show less
CVE-2022-3657 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chrom...Show more Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)Show less
CVE-2022-3654 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-42829 1Apple 3Ipados Iphone OsMacos Jun 17, 2026 Nov 1, 2022 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privile...Show more A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.Show less
CVE-2022-3314 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity...Show more Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)Show less
CVE-2022-3311 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity:...Show more Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)Show less
CVE-2022-3309 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via specific UI ges...Show more Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: Medium)Show less
CVE-2022-3306 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Previous 1...206207208...373 Next