Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,454)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-14373 2Artifex Redhat 2Enterprise Linux Ghostscript Nov 21, 2024 Sep 3, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.
CVE-2020-10720 1Linux 1Linux Kernel Nov 21, 2024 Sep 3, 2020 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
CVE-2020-5378 1Dell 1G7 17 7790 Bios Nov 21, 2024 Sep 2, 2020 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 Dell G7 17 7790 BIOS versions prior to 1.13.2 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES s...Show more Dell G7 17 7790 BIOS versions prior to 1.13.2 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM).Show less
CVE-2020-5376 1Dell 1Inspiron 7347 Bios Nov 21, 2024 Sep 2, 2020 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 Dell Inspiron 7347 BIOS versions prior to A13 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES s...Show more Dell Inspiron 7347 BIOS versions prior to A13 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM).Show less
CVE-2020-24241 1Nasm 1Netwide Assembler Nov 21, 2024 Aug 25, 2020 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c.
CVE-2020-24240 1Gnu 1Bison Nov 21, 2024 Aug 25, 2020 N/A· v4 5.5 MEDIUM· v3 7.1 HIGH· v2 GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug...Show more GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.Show less
CVE-2020-15637 1Foxitsoftware 2Phantompdf Reader Nov 21, 2024 Aug 20, 2020 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must v...Show more This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SetLocalDescription method. By performing actions in JavaScript, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-10972.Show less
CVE-2020-9722 1Adobe 2Acrobat Dc Acrobat Reader Dc Nov 21, 2024 Aug 19, 2020 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitra...Show more Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2020-9715 1Adobe 2Acrobat Dc Acrobat Reader Dc Apr 14, 2026 Aug 19, 2020 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitra...Show more Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2020-9237 1Huawei 1Taurus Al00b Firmware Nov 21, 2024 Aug 17, 2020 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C00E125R5P3) have a user after free vulnerability. A module is lack of lock protection. Attackers can exploit this vulnerability by launching specific...Show more Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C00E125R5P3) have a user after free vulnerability. A module is lack of lock protection. Attackers can exploit this vulnerability by launching specific request. This could compromise normal service of the affected device.Show less
CVE-2020-24349 1F5 1Njs Nov 21, 2024 Aug 13, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.
CVE-2020-24346 1F5 1Njs Nov 21, 2024 Aug 13, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.
CVE-2020-24343 1Artifex 1Mujs Nov 21, 2024 Aug 13, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c.
CVE-2020-16303 3Artifex CanonicalDebian 3Debian Linux GhostscriptUbuntu Linux Nov 21, 2024 Aug 13, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
CVE-2020-0253 1Google 1Android Nov 21, 2024 Aug 11, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152647365
CVE-2020-0252 1Google 1Android Nov 21, 2024 Aug 11, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152236803
CVE-2020-0243 1Google 1Android Nov 21, 2024 Aug 11, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In clearPropValue of MediaAnalyticsItem.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed...Show more In clearPropValue of MediaAnalyticsItem.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-8.0 Android-8.1Android ID: A-151644303Show less
CVE-2020-0242 1Google 1Android Nov 21, 2024 Aug 11, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User intera...Show more In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-151643722Show less
CVE-2020-7827 1Hmtalk 1Daviewindy Nov 21, 2024 Jul 30, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 DaviewIndy 8.98.7 and earlier version contain Use-After-Free vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execut...Show more DaviewIndy 8.98.7 and earlier version contain Use-After-Free vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.Show less
CVE-2020-3701 1Qualcomm 3Saipan Firmware Sm8250 FirmwareSxr2130 Firmware Nov 21, 2024 Jul 30, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130

Previous 1...274275276...373 Next