Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,453)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-14037 1Qualcomm 31Apq8009 Firmware Apq8053 FirmwareApq8096au Firmware+28 more Nov 21, 2024 Jul 30, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, S...Show more Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCN7606, QCS605, SC8180X, SDA660, SDA845, SDM439, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130Show less
CVE-2019-10580 1Qualcomm 13Mdm9607 Firmware Msm8909w FirmwareNicobar Firmware+10 more Nov 21, 2024 Jul 30, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial...Show more When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MSM8909W, Nicobar, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDM429W, SDX55, SM8150, SM8250, SXR2130Show less
CVE-2020-15706 7Canonical DebianGnu+4 more 14Debian Linux Enterprise LinuxEnterprise Linux Atomic Host+11 more Nov 21, 2024 Jul 29, 2020 N/A· v4 6.4 MEDIUM· v3 4.4 MEDIUM· v2 GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitra...Show more GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.Show less
CVE-2020-6518 4Debian FedoraprojectGoogle+1 more 5Backports Sle ChromeDebian Linux+2 more Nov 21, 2024 Jul 22, 2020 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6515 4Debian FedoraprojectGoogle+1 more 5Backports Sle ChromeDebian Linux+2 more Nov 21, 2024 Jul 22, 2020 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6509 1Google 1Chrome Nov 21, 2024 Jul 22, 2020 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
CVE-2020-6505 1Google 1Chrome Nov 21, 2024 Jul 22, 2020 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15888 1Lua 1Lua Nov 21, 2024 Jul 21, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
CVE-2020-15859 2Debian Qemu 2Debian Linux Qemu Nov 21, 2024 Jul 21, 2020 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.
CVE-2020-0305 2Google Opensuse 2Android Leap Nov 21, 2024 Jul 17, 2020 N/A· v4 6.4 MEDIUM· v3 4.4 MEDIUM· v2 In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploita...Show more In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744Show less
CVE-2020-1382 1Microsoft 2Windows 10 Windows Server 2016 Nov 21, 2024 Jul 14, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from C...Show more An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1381.Show less
CVE-2020-1381 1Microsoft 2Windows 10 Windows Server 2016 Nov 21, 2024 Jul 14, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from C...Show more An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1382.Show less
CVE-2020-12420 3Canonical MozillaOpensuse 5Firefox Firefox EsrLeap+2 more Nov 21, 2024 Jul 9, 2020 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10,...Show more When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.Show less
CVE-2020-12419 3Canonical MozillaOpensuse 5Firefox Firefox EsrLeap+2 more Nov 21, 2024 Jul 9, 2020 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploita...Show more When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.Show less
CVE-2020-12416 2Mozilla Opensuse 2Firefox Leap Nov 21, 2024 Jul 9, 2020 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firef...Show more A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.Show less
CVE-2020-12405 2Canonical Mozilla 4Firefox Firefox EsrThunderbird+1 more Nov 21, 2024 Jul 9, 2020 N/A· v4 5.3 MEDIUM· v3 2.6 LOW· v2 When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
CVE-2020-7457 1Freebsd 1Freebsd Nov 21, 2024 Jul 9, 2020 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS socket option set handler...Show more In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory after being freed, possibly resulting in code execution.Show less
CVE-2020-10730 5Debian FedoraprojectOpensuse+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Jul 7, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise...Show more A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.Show less
CVE-2020-9262 1Huawei 1Mate 30 Firmware Nov 21, 2024 Jul 6, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick...Show more HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution.Show less
CVE-2020-10760 4Canonical FedoraprojectOpensuse+1 more 4Fedora LeapSamba+1 more Nov 21, 2024 Jul 6, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba.

Previous 1...275276277...373 Next