Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,455)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-26972 1Mozilla 1Firefox Nov 21, 2024 Jan 7, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL,...Show more The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 84.Show less
CVE-2020-8265 5Debian FedoraprojectNodejs+2 more 5Debian Linux FedoraGraalvm+2 more Nov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with...Show more Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits.Show less
CVE-2020-35876 1Rio Project 1Rio Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the rio crate through 2020-05-11 for Rust. A struct can be leaked, allowing attackers to obtain sensitive information, cause a use-after-free, or cause a data race.
CVE-2020-35874 1Internment Project 1Internment Nov 21, 2024 Dec 31, 2020 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in the internment crate through 2020-05-28 for Rust. ArcIntern::drop has a race condition and resultant use-after-free.
CVE-2020-35873 1Rusqlite Project 1Rusqlite Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated because sessions.rs has a use-after-free.
CVE-2020-35870 1Rusqlite Project 1Rusqlite Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via an Auxdata API use-after-free.
CVE-2020-35862 1Bitvec Project 1Bitvec Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free.
CVE-2018-25001 1Libpulse Binding Project 1Libpulse Binding Nov 21, 2024 Dec 31, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 An issue was discovered in the libpulse-binding crate before 2.5.0 for Rust. proplist::Iterator can cause a use-after-free.
CVE-2020-35923 1Ordered Float Project 1Ordered Float Nov 21, 2024 Dec 31, 2020 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. A NotNan value can contain a NaN.
CVE-2020-35917 1Pyo3 Project 1Pyo3 Nov 21, 2024 Dec 31, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in the pyo3 crate before 0.12.4 for Rust. There is a reference-counting error and use-after-free in From<Py<T>>.
CVE-2020-35906 1Rust Lang 1Futures Task Oct 30, 2025 Dec 31, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An issue was discovered in the futures-task crate before 0.3.6 for Rust. futures_task::waker may cause a use-after-free in a non-static type situation.
CVE-2020-35902 1Actix 1Actix Codec Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed.
CVE-2020-35901 1Actix 1Actix Http Nov 21, 2024 Dec 31, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream.
CVE-2020-35900 1Array Queue Project 1Array Queue Nov 21, 2024 Dec 31, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in the array-queue crate through 2020-09-26 for Rust. A pop_back() call may lead to a use-after-free.
CVE-2020-35899 1Actix 1Actix Service Nov 21, 2024 Dec 31, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.
CVE-2020-35898 1Actix 1Actix Utils Nov 21, 2024 Dec 31, 2020 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An issue was discovered in the actix-utils crate before 2.0.0 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.
CVE-2020-9093 1Huawei 1Taurus Al00a Firmware Nov 21, 2024 Dec 29, 2020 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). A module does not deal with specific message properly, which makes a function refer to memory after it has been freed. Attackers can e...Show more There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). A module does not deal with specific message properly, which makes a function refer to memory after it has been freed. Attackers can exploit this vulnerability by running a crafted application with common privilege. This would compromise normal service.Show less
CVE-2020-13570 1Foxitsoftware 1Foxit Reader Nov 21, 2024 Dec 22, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger the reuse of previously free memory which can lead to arbi...Show more A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger the reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.Show less
CVE-2020-13560 1Foxitsoftware 1Foxit Reader Nov 21, 2024 Dec 22, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to ar...Show more A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.Show less
CVE-2020-13557 1Foxitsoftware 1Foxit Reader Nov 21, 2024 Dec 22, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to ar...Show more A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.Show less

Previous 1...266267268...373 Next