Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,456)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-37998 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Nov 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-37997 3Debian FedoraprojectGoogle 3Chrome Debian LinuxFedora Nov 21, 2024 Nov 23, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-43582 1Opendesign 1Drawings Sdk Nov 21, 2024 Nov 22, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A Use-After-Free Remote Vulnerability exists when reading a DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DWG files. The issue results from the lack of v...Show more A Use-After-Free Remote Vulnerability exists when reading a DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.Show less
CVE-2021-21900 3Debian FedoraprojectLibrecad 3Debian Linux FedoraLibdxfrw Nov 21, 2024 Nov 19, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can prov...Show more A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability.Show less
CVE-2021-3962 1Imagemagick 1Imagemagick Nov 21, 2024 Nov 19, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-fre...Show more A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.Show less
CVE-2021-3974 3Debian FedoraprojectVim 3Debian Linux FedoraVim Nov 21, 2024 Nov 19, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 vim is vulnerable to Use After Free
CVE-2021-37322 1Gnu 2Binutils Gcc Nov 21, 2024 Nov 18, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
CVE-2021-42269 1Adobe 1Animate Nov 21, 2024 Nov 18, 2021 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Animate version 21.0.9 (and earlier) are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploi...Show more Adobe Animate version 21.0.9 (and earlier) are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2021-0670 1Google 1Android Nov 21, 2024 Nov 18, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch I...Show more In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05654663; Issue ID: ALPS05654663.Show less
CVE-2021-0669 1Google 1Android Nov 21, 2024 Nov 18, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch I...Show more In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05681550; Issue ID: ALPS05681550.Show less
CVE-2021-0667 1Google 1Android Nov 21, 2024 Nov 18, 2021 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch I...Show more In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05670581; Issue ID: ALPS05670581.Show less
CVE-2021-0664 1Google 1Android Nov 21, 2024 Nov 18, 2021 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID:...Show more In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158.Show less
CVE-2021-0656 1Google 1Android Nov 21, 2024 Nov 18, 2021 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 In edma driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Pa...Show more In edma driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05709376; Issue ID: ALPS05709376.Show less
CVE-2021-0629 1Google 1Android Nov 21, 2024 Nov 18, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation....Show more In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625.Show less
CVE-2021-33480 1Optical Character Recognition Project 1Optical Character Recognition Nov 21, 2024 Nov 17, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An use-after-free vulnerability was discovered in gocr through 0.53-20200802 in context_correction() in pgm2asc.c.
CVE-2021-42721 1Adobe 1Media Encoder Nov 21, 2024 Nov 16, 2021 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Acrobat Bridge versions 11.1.1 and earlier are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploi...Show more Acrobat Bridge versions 11.1.1 and earlier are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2021-42386 2Busybox Fedoraproject 2Busybox Fedora Nov 3, 2025 Nov 15, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
CVE-2021-42385 2Busybox Fedoraproject 2Busybox Fedora Nov 3, 2025 Nov 15, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
CVE-2021-42384 2Busybox Fedoraproject 2Busybox Fedora Nov 3, 2025 Nov 15, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
CVE-2021-42383 2Busybox Fedoraproject 2Busybox Fedora Apr 23, 2025 Nov 15, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function

Previous 1...241242243...373 Next