Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,455)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-0475 1Google 1Android Nov 21, 2024 Jun 11, 2021 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 In on_l2cap_data_ind of btif_sock_l2cap.cc, there is possible memory corruption due to a use after free. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User intera...Show more In on_l2cap_data_ind of btif_sock_l2cap.cc, there is possible memory corruption due to a use after free. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-175686168Show less
CVE-2021-22901 5Haxx NetappOracle+2 more 26Active Iq Unified Manager Cloud BackupCommunications Cloud Native Core Binding Support Function+23 more Nov 21, 2024 Jun 11, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortu...Show more curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.Show less
CVE-2021-22759 1Schneider Electric 1Interactive Graphical Scada System Nov 21, 2024 Jun 11, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A CWE-416: Use after free vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file...Show more A CWE-416: Use after free vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file is imported to IGSS Definition.Show less
CVE-2021-25394 1Samsung 1Android Oct 30, 2025 Jun 11, 2021 N/A· v4 6.4 MEDIUM· v3 4.4 MEDIUM· v2 A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.
CVE-2021-26199 1Jerryscript 1Jerryscript Nov 21, 2024 Jun 10, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_bytecode_ref in ecma-helpers.c file.
CVE-2021-26194 1Jerryscript 1Jerryscript Nov 21, 2024 Jun 10, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_is_lexical_environment in the ecma-helpers.c file.
CVE-2020-23302 1Jerryscript 1Jerryscript Nov 21, 2024 Jun 10, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_ref_ecma_string in JerryScript 2.2.0
CVE-2021-27347 2Debian Long Range Zip Project 2Debian Linux Long Range Zip Nov 21, 2024 Jun 10, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.
CVE-2021-1900 1Qualcomm 90Apq8009 Firmware Apq8009w FirmwareApq8017 Firmware+87 more Nov 21, 2024 Jun 9, 2021 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...Show more Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesShow less
CVE-2020-11262 1Qualcomm 389Apq8009 Firmware Apq8009w FirmwareApq8017 Firmware+386 more Nov 21, 2024 Jun 9, 2021 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon...Show more A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesShow less
CVE-2020-11250 1Qualcomm 360Apq8009w Firmware Apq8017 FirmwareApq8053 Firmware+357 more Nov 21, 2024 Jun 9, 2021 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Sna...Show more Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and NetworkingShow less
CVE-2020-11239 1Qualcomm 406Apq8009 Firmware Apq8009w FirmwareApq8017 Firmware+403 more Nov 21, 2024 Jun 9, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IO...Show more Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesShow less
CVE-2021-30543 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30542 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30529 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30528 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to po...Show more Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page.Show less
CVE-2021-30527 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebUI in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30525 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in TabGroups in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30524 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30523 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.

Previous 1...255256257...373 Next