Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,457)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-3305 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-32922 1Apple 4Ipados Iphone OsMacos+1 more Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code ex...Show more A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2022-32914 1Apple 4Iphone Os MacosTvos+1 more Jun 17, 2026 Nov 1, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary...Show more A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.Show less
CVE-2022-32903 1Apple 3Iphone Os TvosWatchos Jun 17, 2026 Nov 1, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.
CVE-2022-26717 1Apple 7Ipados Iphone OsItunes+4 more Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing mali...Show more A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2022-26710 1Apple 5Ipados Iphone OsMacos+2 more Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to a...Show more A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2022-26709 1Apple 6Ipados Iphone OsMacos+3 more Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content...Show more A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2022-3304 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3370 1Google 1Chrome Jun 17, 2026 Nov 1, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-43286 1F5 1Njs Jun 17, 2026 Oct 28, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.
CVE-2022-3705 4Debian FedoraprojectNetapp+1 more 4Active Iq Unified Manager Debian LinuxFedora+1 more Jun 17, 2026 Oct 26, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. T...Show more A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324.Show less
CVE-2022-3666 1Axiosys 1Bento4 Jun 17, 2026 Oct 26, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_LinearReader::Advance of the file Ap4LinearReader.cpp of the component mp42ts. The manipul...Show more A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_LinearReader::Advance of the file Ap4LinearReader.cpp of the component mp42ts. The manipulation leads to use after free. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-212006 is the identifier assigned to this vulnerability.Show less
CVE-2022-3662 1Axiosys 1Bento4 Jun 17, 2026 Oct 26, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability was found in Axiomatic Bento4. It has been declared as critical. This vulnerability affects the function GetOffset of the file Ap4Sample.h of the component mp42hls. The manipulation leads to use after fre...Show more A vulnerability was found in Axiomatic Bento4. It has been declared as critical. This vulnerability affects the function GetOffset of the file Ap4Sample.h of the component mp42hls. The manipulation leads to use after free. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-212002 is the identifier assigned to this vulnerability.Show less
CVE-2022-38181 1Arm 3Bifrost Gpu Kernel Driver Midgard Gpu Kernel DriverValhall Gpu Kernel Driver Jun 17, 2026 Oct 25, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; an...Show more The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.Show less
CVE-2022-43680 4Debian FedoraprojectLibexpat Project+1 more 12Active Iq Unified Manager Debian LinuxFedora+9 more Jun 17, 2026 Oct 24, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
CVE-2022-3649 3Debian LinuxNetapp 7Active Iq Unified Manager Debian LinuxH300s Firmware+4 more Jun 17, 2026 Oct 21, 2022 N/A· v4 7.0 HIGH· v3 N/A· v2 A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It...Show more A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.Show less
CVE-2022-3640 3Debian FedoraprojectLinux 3Debian Linux FedoraLinux Kernel Jun 17, 2026 Oct 21, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after...Show more A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.Show less
CVE-2022-3636 2Debian Linux 2Debian Linux Linux Kernel Jun 17, 2026 Oct 21, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability, which was classified as critical, was found in Linux Kernel. This affects the function __mtk_ppe_check_skb of the file drivers/net/ethernet/mediatek/mtk_ppe.c of the component Ethernet Handler. The manip...Show more A vulnerability, which was classified as critical, was found in Linux Kernel. This affects the function __mtk_ppe_check_skb of the file drivers/net/ethernet/mediatek/mtk_ppe.c of the component Ethernet Handler. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211935.Show less
CVE-2022-3625 2Debian Linux 2Debian Linux Linux Kernel Jun 17, 2026 Oct 21, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads t...Show more A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.Show less
CVE-2022-39823 1Softing 2Opc Opc Ua C++ Software Development Kit Jun 17, 2026 Oct 20, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error

Previous 1...207208209...373 Next