Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,456)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-27528 1Autodesk 1Navisworks Jun 17, 2026 Apr 11, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
CVE-2022-25789 1Autodesk 10Advance Steel AutocadAutocad Architecture+7 more Jun 17, 2026 Apr 11, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
CVE-2022-20062 1Google 1Android Jun 17, 2026 Apr 11, 2022 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: A...Show more In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836418; Issue ID: ALPS05836418.Show less
CVE-2022-20052 1Google 1Android Jun 17, 2026 Apr 11, 2022 N/A· v4 6.5 MEDIUM· v3 6.9 MEDIUM· v2 In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS...Show more In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS05836642; Issue ID: ALPS05836642.Show less
CVE-2022-28893 3Debian LinuxNetapp 13Debian Linux H300e FirmwareH300s Firmware+10 more Jun 17, 2026 Apr 11, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVE-2022-1284 1Radare 1Radare2 Jun 17, 2026 Apr 8, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
CVE-2022-27147 1Gpac 1Gpac Jun 17, 2026 Apr 8, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag.
CVE-2022-27046 2Libsixel Project Saitoha 2Libsixel Libsixel Jun 17, 2026 Apr 8, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388.
CVE-2021-41715 2Libsixel Libsixel Project 2Libsixel Libsixel Jun 17, 2026 Apr 8, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379.
CVE-2022-1212 1Mruby 1Mruby Jun 17, 2026 Apr 5, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
CVE-2022-0808 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via us...Show more Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.Show less
CVE-2022-0805 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
CVE-2022-0798 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2022-0796 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0794 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0793 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a...Show more Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension.Show less
CVE-2022-0791 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.
CVE-2022-0790 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-0469 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0468 1Google 1Chrome Jun 17, 2026 Apr 5, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Previous 1...227228229...373 Next