Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,457)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-3058 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactio...Show more Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.Show less
CVE-2022-3055 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3046 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3041 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3039 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3038 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2998 1Google 1Chrome Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted H...Show more Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.Show less
CVE-2022-2859 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI inter...Show more Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions.Show less
CVE-2022-2858 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction.
CVE-2022-2855 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2852 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3297 2Fedoraproject Vim 2Fedora Vim Jun 17, 2026 Sep 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Use After Free in GitHub repository vim/vim prior to 9.0.0579.
CVE-2022-22628 1Apple 6Ipad Os Iphone OsMacos+3 more Jun 17, 2026 Sep 23, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content...Show more A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2022-22624 1Apple 4Ipad Os Iphone OsMacos+1 more Jun 17, 2026 Sep 23, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to a...Show more A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2022-3256 3Debian FedoraprojectVim 3Debian Linux FedoraVim Jun 17, 2026 Sep 22, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Use After Free in GitHub repository vim/vim prior to 9.0.0530.
CVE-2022-41222 4Canonical DebianLinux+1 more 4Debian Linux Hci Baseboard Management ControllerLinux Kernel+1 more Jun 17, 2026 Sep 21, 2022 N/A· v4 7.0 HIGH· v3 N/A· v2 mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
CVE-2022-41218 2Debian Linux 2Debian Linux Linux Kernel Jun 17, 2026 Sep 21, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
CVE-2022-40009 1Swftools 1Swftools Jun 17, 2026 Sep 20, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.
CVE-2022-3239 1Linux 1Linux Kernel Jun 17, 2026 Sep 19, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially es...Show more A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.Show less
CVE-2022-38425 1Adobe 1Bridge Jun 17, 2026 Sep 19, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass...Show more Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less

Previous 1...210211212...373 Next