Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,456)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-35077 1Qualcomm 71Ar8035 Firmware Qca6174a FirmwareQca6390 Firmware+68 more Jun 17, 2026 Feb 11, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2022-22533 1Sap 1Netweaver Application Server Java Jun 17, 2026 Feb 9, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP serve...Show more Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.Show less
CVE-2022-20045 1Google 1Android Jun 17, 2026 Feb 9, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. P...Show more In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820.Show less
CVE-2022-20044 1Google 1Android Jun 17, 2026 Feb 9, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. P...Show more In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126814; Issue ID: ALPS06126814.Show less
CVE-2022-20035 1Google 1Android Jun 17, 2026 Feb 9, 2022 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...Show more In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171675; Issue ID: ALPS06171675.Show less
CVE-2022-20031 1Google 1Android Jun 17, 2026 Feb 9, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In fb driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...Show more In fb driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05850708; Issue ID: ALPS05850708.Show less
CVE-2022-0523 2Fedoraproject Radare 2Fedora Radare2 Jun 17, 2026 Feb 8, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
CVE-2022-0520 2Fedoraproject Radare 2Fedora Radare2 Jun 17, 2026 Feb 8, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Use After Free in NPM radare2.js prior to 5.6.2.
CVE-2022-0139 1Radare 1Radare2 Jun 17, 2026 Feb 8, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.
CVE-2022-23584 1Google 1Tensorflow Jun 17, 2026 Feb 4, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and...Show more Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.Show less
CVE-2022-0487 3Debian LinuxRedhat 3Debian Linux Enterprise LinuxLinux Kernel Jun 17, 2026 Feb 4, 2022 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidenti...Show more A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.Show less
CVE-2021-4154 3Linux NetappRedhat 4Enterprise Linux Hci Baseboard Management ControllerLinux Kernel+1 more Jun 17, 2026 Feb 4, 2022 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsco...Show more A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.Show less
CVE-2021-40420 1Foxit 1Pdf Reader Jun 17, 2026 Feb 4, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to ar...Show more A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled.Show less
CVE-2022-0443 3Debian FedoraprojectVim 3Debian Linux FedoraVim Jun 17, 2026 Feb 2, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-23597 1Element 1Desktop Jun 17, 2026 Feb 1, 2022 N/A· v4 8.8 HIGH· v3 5.1 MEDIUM· v2 Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and re...Show more Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the best of our knowledge, the vulnerability has never been exploited in the wild. If you are using Element Desktop < 1.9.7, we recommend upgrading at your earliest convenience. If successfully exploited, the vulnerability allows an attacker to specify a file path of a binary on the victim's computer which then gets executed. Notably, the attacker does not have the ability to specify program arguments. However, in certain unspecified configurations, the attacker may be able to specify an URI instead of a file path which then gets handled using standard platform mechanisms. These may allow exploiting further vulnerabilities in those mechanisms, potentially leading to arbitrary code execution.Show less
CVE-2021-46669 3Debian FedoraprojectMariadb 3Debian Linux FedoraMariadb Jun 17, 2026 Feb 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
CVE-2022-0413 3Debian FedoraprojectVim 3Debian Linux FedoraVim Jun 17, 2026 Jan 30, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Use After Free in GitHub repository vim/vim prior to 8.2.
CVE-2022-24122 3Fedoraproject LinuxNetapp 10Fedora H300e FirmwareH300s Firmware+7 more Jun 17, 2026 Jan 29, 2022 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
CVE-2021-22808 1Schneider Electric 1Guicon Jun 17, 2026 Jan 28, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon...Show more A CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 (Build 683.003) and priorShow less
CVE-2021-46525 1Cesanta 1Mjs Jun 17, 2026 Jan 27, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Cesanta MJS v2.20.0 was discovered to contain a heap-use-after-free via mjs_apply at src/mjs_exec.c.

Previous 1...234235236...373 Next