Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,457)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-3620 2Exim Fedoraproject 2Exim Fedora Jun 17, 2026 Oct 20, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack m...Show more A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The name of the patch is 12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211919.Show less
CVE-2022-3586 2Debian Linux 2Debian Linux Linux Kernel Jun 17, 2026 Oct 19, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a chi...Show more A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.Show less
CVE-2022-43033 1Axiosys 1Bento4 Jun 17, 2026 Oct 19, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2022-25723 1Qualcomm 8Sd 8 Gen1 5g Firmware Wcd9380 FirmwareWcn6855 Firmware+5 more Jun 17, 2026 Oct 19, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile
CVE-2022-25666 1Qualcomm 148Apq8096au Firmware Aqt1000 FirmwareAr9380 Firmware+145 more Jun 17, 2026 Oct 19, 2022 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrago...Show more Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and NetworkingShow less
CVE-2022-22077 1Qualcomm 8Sd 8 Gen1 5g Firmware Wcd9380 FirmwareWcn6855 Firmware+5 more Jun 17, 2026 Oct 19, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon Mobile
CVE-2022-22208 1Juniper 2Junos Junos Os Evolved Jun 17, 2026 Oct 18, 2022 N/A· v4 5.9 MEDIUM· v3 N/A· v2 A Use After Free vulnerability in the Routing Protocol Daemon (rdp) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service (DoS). When a BGP session...Show more A Use After Free vulnerability in the Routing Protocol Daemon (rdp) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service (DoS). When a BGP session flap happens, a Use After Free of a memory location that was assigned to another object can occur, which will lead to an rpd crash. This is a race condition that is outside of the attacker's control and cannot be deterministically exploited. Continued flapping of BGP sessions can create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: All versions prior to 18.4R2-S9, 18.4R3-S11; 19.1 versions prior to 19.1R3-S8; 19.2 version 19.2R1 and later versions; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R2-S1, 21.2R3. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S4-EVO; 21.1-EVO versions prior to 21.1R3-S2-EVO; 21.2-EVO versions prior to 21.2R3-EVO; 21.3-EVO versions prior to 21.3R2-EVO.Show less
CVE-2022-3559 2Exim Fedoraproject 2Exim Fedora Jun 17, 2026 Oct 17, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12e...Show more A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.Show less
CVE-2022-0699 1Osgeo 1Shapelib Jun 17, 2026 Oct 17, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc.
CVE-2022-3534 1Linux 1Linux Kernel Jun 17, 2026 Oct 17, 2022 N/A· v4 8.0 HIGH· v3 N/A· v2 A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. I...Show more A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.Show less
CVE-2022-3523 1Linux 1Linux Kernel Jun 17, 2026 Oct 16, 2022 N/A· v4 5.3 MEDIUM· v3 N/A· v2 A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is p...Show more A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211020.Show less
CVE-2022-38448 1Adobe 1Dimension Jun 17, 2026 Oct 14, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that...Show more Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-38447 1Adobe 1Dimension Jun 17, 2026 Oct 14, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that...Show more Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-38446 1Adobe 1Dimension Jun 17, 2026 Oct 14, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that...Show more Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-38445 1Adobe 1Dimension Jun 17, 2026 Oct 14, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that...Show more Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-38444 1Adobe 1Dimension Jun 17, 2026 Oct 14, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that...Show more Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-38442 1Adobe 1Dimension Jun 17, 2026 Oct 14, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that...Show more Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-38437 1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 more Jun 17, 2026 Oct 14, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vu...Show more Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-41303 1Autodesk 1Fbx Software Development Kit Jun 17, 2026 Oct 14, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthoriz...Show more A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system.Show less
CVE-2022-38983 1Huawei 2Emui Harmonyos Jun 17, 2026 Oct 14, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.

Previous 1...208209210...373 Next