CWE-416
7,436 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,436)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Use-after-free in accessibility in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Use-after-free in content delivery manager in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
3Fedoraproject FontforgeOpensuse3Fedora FontforgeLeapNov 21, 2024 Jan 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c. |
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function trak_Read() in isomedia/box_code_base.c. |
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function gf_isom_box_dump_ex() in isomedia/box_funcs.c. |
An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp. |
2Canonical Vim2Ubuntu Linux VimNov 21, 2024 Dec 30, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory. |
2Gnu Opensuse3Backports Sle LeapLibredwgNov 21, 2024 Dec 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. |
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentatio...Show more |
4Debian LinuxNetapp+1 more13Active Iq Unified Manager Aff Baseboard Management ControllerCloud Backup+10 moreNov 21, 2024 Dec 25, 2019 N/A· v4 4.6 MEDIUM· v3 2.1 LOW· v2 In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. |
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. |
3Debian GraphicsmagickOpensuse4Backports Debian LinuxGraphicsmagick+1 moreNov 21, 2024 Dec 24, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. |
1Adobe 2Acrobat Dc Acrobat Reader DcNov 21, 2024 Dec 19, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerabil...Show more |
1Adobe 2Acrobat Dc Acrobat Reader DcNov 21, 2024 Dec 19, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerabil...Show more |
1Adobe 2Acrobat Dc Acrobat Reader DcNov 21, 2024 Dec 19, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerabil...Show more |
1Adobe 2Acrobat Dc Acrobat Reader DcNov 21, 2024 Dec 19, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerabil...Show more |
1Adobe 2Acrobat Dc Acrobat Reader DcNov 21, 2024 Dec 19, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerabil...Show more |
5Apache DebianFedoraproject+2 more10Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+7 moreNov 4, 2025 Dec 18, 2019 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current m...Show more |
1Apple 6Icloud Iphone OsItunes+3 moreNov 21, 2024 Dec 18, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud...Show more |
1Apple 6Icloud Iphone OsItunes+3 moreNov 21, 2024 Dec 18, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud...Show more |