Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,455)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-15991 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15990 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15987 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
CVE-2020-15986 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15976 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15972 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15971 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15970 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15969 5Apple DebianFedoraproject+2 more 10Backports Sle ChromeDebian Linux+7 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15968 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15967 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-3696 1Qualcomm 23Apq8009 Firmware Apq8017 FirmwareApq8053 Firmware+20 more Nov 21, 2024 Nov 2, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto, Snapdragon Consumer IOT...Show more u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24Show less
CVE-2020-11173 1Qualcomm 33Agatti Firmware Apq8053 FirmwareBitra Firmware+30 more Nov 21, 2024 Nov 2, 2020 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap...Show more u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8053, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8953, Nicobar, QCA6390, QCS404, QCS405, QCS610, Rennell, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM632, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130Show less
CVE-2020-3851 1Apple 1Mac Os X Nov 21, 2024 Oct 27, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security...Show more A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to gain elevated privileges.Show less
CVE-2019-8846 2Apple Redhat 9Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+6 more Nov 21, 2024 Oct 27, 2020 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.1...Show more A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2019-8578 1Apple 1Airport Base Station Firmware Nov 21, 2024 Oct 27, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause...Show more A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.Show less
CVE-2019-8528 1Apple 3Iphone Os Mac Os XWatchos Nov 21, 2024 Oct 27, 2020 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An applicat...Show more A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.Show less
CVE-2020-27675 3Debian FedoraprojectLinux 3Debian Linux FedoraLinux Kernel Nov 21, 2024 Oct 22, 2020 N/A· v4 4.7 MEDIUM· v3 4.7 MEDIUM· v2 An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause...Show more An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5.Show less
CVE-2020-27672 4Debian FedoraprojectOpensuse+1 more 4Debian Linux FedoraLeap+1 more Nov 21, 2024 Oct 22, 2020 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-afte...Show more An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages.Show less
CVE-2020-15684 1Mozilla 1Firefox Nov 21, 2024 Oct 22, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Mozilla developers reported memory safety bugs present in Firefox 81. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrar...Show more Mozilla developers reported memory safety bugs present in Firefox 81. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 82.Show less

Previous 1...270271272...373 Next