CWE-416
7,455 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,455)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. |
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the con...Show more |
1Esri 4Arcgis Engine Arcgis ProArcmap+1 moreNov 21, 2024 Mar 25, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allows an unauthenticated attacker to achieve ar...Show more |
3Debian FedoraprojectQemu3Debian Linux FedoraQemuNov 21, 2024 Mar 23, 2021 N/A· v4 3.2 LOW· v3 2.1 LOW· v2 A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a p...Show more |
2Oracle Sqlite7Communications Network Charging And Control Enterprise Manager For Oracle DatabaseJd Edwards Enterpriseone Tools+4 moreNov 21, 2024 Mar 23, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code exec...Show more |
1Huawei 14Nip6300 Firmware Nip6600 FirmwareNip6800 Firmware+11 moreNov 21, 2024 Mar 22, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause...Show more |
1Qualcomm 401Apq8009 Firmware Apq8009w FirmwareApq8017 Firmware+398 moreNov 21, 2024 Mar 17, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Ind...Show more |
1Qualcomm 328Apq8009 Firmware Apq8009w FirmwareApq8017 Firmware+325 moreNov 21, 2024 Mar 17, 2021 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IO...Show more |
3Debian FedoraprojectGoogle3Chrome Debian LinuxFedoraOct 24, 2025 Mar 16, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
3Debian FedoraprojectGoogle3Chrome Debian LinuxFedoraNov 21, 2024 Mar 16, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
3Fedoraproject GnuRedhat3Enterprise Linux FedoraGnutlsDec 3, 2025 Mar 12, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. |
4Fedoraproject GnuNetapp+1 more5Active Iq Unified Manager E Series Performance AnalyzerEnterprise Linux+2 moreNov 21, 2024 Mar 12, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences. |
An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed. |
1Synology 1Diskstation Manager Jan 14, 2025 Mar 12, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via crafted web requests. |
1Microsoft 2Windows 10 Windows Server 2016Nov 21, 2024 Mar 11, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Windows Win32k Elevation of Privilege Vulnerability |
1Microsoft 2Edge Internet ExplorerOct 30, 2025 Mar 11, 2021 N/A· v4 8.8 HIGH· v3 5.1 MEDIUM· v2 Internet Explorer Memory Corruption Vulnerability |
When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stor...Show more |
33mf DebianFedoraproject3Debian Linux FedoraLib3mfNov 21, 2024 Mar 10, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP() functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious...Show more |
In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne...Show more |
In StopServicesAndLogViolations of reboot.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio...Show more |