Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,456)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-0934 2Redhat Thekelleys 2Dnsmasq Enterprise Linux Jun 17, 2026 Aug 29, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.
CVE-2021-41785 1Foxit 3Pdf Editor Pdf ReaderPhantompdf Jun 17, 2026 Aug 29, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
CVE-2021-41784 1Foxit 3Pdf Editor Pdf ReaderPhantompdf Jun 17, 2026 Aug 29, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
CVE-2021-41783 1Foxit 3Pdf Editor Pdf ReaderPhantompdf Jun 17, 2026 Aug 29, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
CVE-2021-41782 1Foxit 3Pdf Editor Pdf ReaderPhantompdf Jun 17, 2026 Aug 29, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
CVE-2021-41781 1Foxit 3Pdf Editor Pdf ReaderPhantompdf Jun 17, 2026 Aug 29, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
CVE-2021-41780 1Foxit 3Pdf Editor Pdf ReaderPhantompdf Jun 17, 2026 Aug 29, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
CVE-2022-3016 2Fedoraproject Vim 2Fedora Vim Jun 17, 2026 Aug 28, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Use After Free in GitHub repository vim/vim prior to 9.0.0286.
CVE-2022-0216 2Fedoraproject Qemu 2Fedora Qemu Jun 17, 2026 Aug 26, 2022 N/A· v4 4.4 MEDIUM· v3 N/A· v2 A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. Th...Show more A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service.Show less
CVE-2022-2982 2Fedoraproject Vim 2Fedora Vim Jun 17, 2026 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Use After Free in GitHub repository vim/vim prior to 9.0.0260.
CVE-2021-3929 2Fedoraproject Qemu 2Fedora Qemu Jun 17, 2026 Aug 25, 2022 N/A· v4 8.2 HIGH· v3 N/A· v2 A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), da...Show more A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially, executing arbitrary code within the context of the QEMU process on the host.Show less
CVE-2022-32746 1Samba 1Samba Jun 17, 2026 Aug 25, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible...Show more A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.Show less
CVE-2021-4022 1Rizin 1Rizin Jun 17, 2026 Aug 25, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A vulnerability was found in rizin. The bug involves an ELF64 binary for the HPPA architecture. When a specially crafted binarygets analysed by rizin, it causes rizin to crash by freeing an uninitialized (and potentially...Show more A vulnerability was found in rizin. The bug involves an ELF64 binary for the HPPA architecture. When a specially crafted binarygets analysed by rizin, it causes rizin to crash by freeing an uninitialized (and potentially user controlled, depending on the build) memory address.Show less
CVE-2022-2978 2Debian Linux 2Debian Linux Linux Kernel Jun 17, 2026 Aug 24, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to...Show more A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.Show less
CVE-2021-4028 2Linux Suse 2Linux Enterprise Linux Kernel Jun 17, 2026 Aug 24, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free....Show more A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.Show less
CVE-2022-20122 1Google 1Android Jun 17, 2026 Aug 24, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel mem...Show more The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: AndroidVersions: Android SoCAndroid ID: A-232441339Show less
CVE-2021-39815 1Google 1Android Jun 17, 2026 Aug 24, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel mem...Show more The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: AndroidVersions: Android SoCAndroid ID: A-232440670Show less
CVE-2022-2938 4Fedoraproject LinuxNetapp+1 more 8Enterprise Linux FedoraH300s Firmware+5 more Jun 17, 2026 Aug 23, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
CVE-2021-3975 5Canonical DebianFedoraproject+2 more 14Codeready Linux Builder Debian LinuxEnterprise Linux+11 more Jun 17, 2026 Aug 23, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be tr...Show more A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.Show less
CVE-2022-2946 3Debian FedoraprojectVim 3Debian Linux FedoraVim Jun 17, 2026 Aug 23, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Use After Free in GitHub repository vim/vim prior to 9.0.0246.

Previous 1...213214215...373 Next