Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,456)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-34263 1Adobe 1Illustrator Jun 17, 2026 Aug 11, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of th...Show more Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-20379 1Google 1Android Jun 17, 2026 Aug 11, 2022 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In lwis_buffer_alloc of lwis_buffer.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is n...Show more In lwis_buffer_alloc of lwis_buffer.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-209436980References: N/AShow less
CVE-2022-20372 1Google 1Android Jun 17, 2026 Aug 11, 2022 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In exynos5_i2c_irq of (TBD), there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e...Show more In exynos5_i2c_irq of (TBD), there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195480799References: N/AShow less
CVE-2022-20158 1Google 1Android Jun 17, 2026 Aug 11, 2022 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In bdi_put and bdi_unregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is...Show more In bdi_put and bdi_unregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182815710References: Upstream kernelShow less
CVE-2022-34707 1Microsoft 10Windows 10 Windows 11Windows 7+7 more Jun 17, 2026 Aug 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-34705 1Microsoft 5Windows 10 Windows 11Windows Server 2016+2 more Jun 17, 2026 Aug 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2022-1973 3Fedoraproject LinuxNetapp 7Fedora H300s FirmwareH410c Firmware+4 more Jun 17, 2026 Aug 5, 2022 N/A· v4 7.1 HIGH· v3 N/A· v2 A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.
CVE-2022-1158 3Fedoraproject LinuxRedhat 3Enterprise Linux FedoraLinux Kernel Jun 17, 2026 Aug 5, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivi...Show more A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.Show less
CVE-2022-32293 2Debian Intel 2Connman Debian Linux Jun 17, 2026 Aug 3, 2022 N/A· v4 8.1 HIGH· v3 N/A· v2 In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.
CVE-2022-34568 1Libsdl 1Simple Directmedia Layer Jun 17, 2026 Jul 28, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c.
CVE-2022-2399 1Google 1Chrome Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2481 1Google 1Chrome Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction.
CVE-2022-2480 1Google 1Chrome Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2478 1Google 1Chrome Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2477 1Google 1Chrome Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2296 2Fedoraproject Google 3Chrome Extra Packages For Enterprise LinuxFedora Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via di...Show more Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.Show less
CVE-2022-2163 2Fedoraproject Google 3Chrome Extra Packages For Enterprise LinuxFedora Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
CVE-2022-2161 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI in...Show more Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.Show less
CVE-2022-2158 2Fedoraproject Google 3Chrome Extra Packages For Enterprise LinuxFedora Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2157 2Fedoraproject Google 2Chrome Fedora Jun 17, 2026 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

Previous 1...215216217...373 Next