Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,456)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-45713 1Rusqlite Project 1Rusqlite Nov 21, 2024 Dec 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. create_scalar_function has a use-after-free.
CVE-2021-45483 1Webkitgtk 1Webkitgtk Nov 21, 2024 Dec 25, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
CVE-2021-45482 1Webkitgtk 1Webkitgtk Nov 21, 2024 Dec 25, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.
CVE-2020-3886 1Apple 1Mac Os X Nov 21, 2024 Dec 23, 2021 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. A malicious application may be a...Show more A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. A malicious application may be able to execute arbitrary code with kernel privileges.Show less
CVE-2021-4067 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4065 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4064 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4063 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4057 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4053 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4052 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2021-38011 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38008 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38006 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38005 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Dec 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-45263 1Gpac 1Gpac Nov 21, 2024 Dec 22, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash.
CVE-2021-45262 1Gpac 1Gpac Nov 21, 2024 Dec 22, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application crash.
CVE-2021-45291 1Gpac 1Gpac Nov 21, 2024 Dec 21, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
CVE-2021-0899 1Google 1Android Nov 21, 2024 Dec 17, 2021 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch I...Show more In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672059.Show less
CVE-2021-0898 1Google 1Android Nov 21, 2024 Dec 17, 2021 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch I...Show more In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672071.Show less

Previous 1...239240241...373 Next