Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,429)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-13685 1Google 1Chrome Nov 21, 2024 Nov 25, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in sharing view in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-2336 1Qualcomm 7Mdm9205 Firmware Qcs404 FirmwareSdx55 Firmware+4 more Nov 21, 2024 Nov 21, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Subsequent use of the CBO listener may result in further memory corruption due to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...Show more Subsequent use of the CBO listener may result in further memory corruption due to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, SDX55, SM6150, SM7150, SM8150, SXR2130Show less
CVE-2019-2329 1Qualcomm 13Mdm9205 Firmware Qcs404 FirmwareQcs605 Firmware+10 more Nov 21, 2024 Nov 21, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...Show more Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130Show less
CVE-2019-10490 1Qualcomm 38Apq8009 Firmware Apq8017 FirmwareApq8053 Firmware+35 more Nov 21, 2024 Nov 21, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industr...Show more Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, SDA660, SDA845, SDM450, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130Show less
CVE-2015-1606 2Debian Gnupg 2Debian Linux Gnupg Nov 21, 2024 Nov 20, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.
CVE-2016-1000006 1Facebook 1Hhvm Nov 21, 2024 Nov 19, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
CVE-2019-2213 1Google 1Android Nov 21, 2024 Nov 13, 2019 N/A· v4 7.4 HIGH· v3 6.9 MEDIUM· v2 In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...Show more In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-133758011References: Upstream kernelShow less
CVE-2019-2205 1Google 1Android Nov 21, 2024 Nov 13, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User inter...Show more In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139806216Show less
CVE-2011-2334 1Google 1Blink Nov 21, 2024 Nov 12, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections.
CVE-2019-1429 1Microsoft 1Internet Explorer Jan 14, 2026 Nov 12, 2019 N/A· v4 7.5 HIGH· v3 7.6 HIGH· v2 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-201...Show more A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428.Show less
CVE-2011-2353 1Google 1Blink Nov 21, 2024 Nov 7, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function.
CVE-2019-18814 1Linux 1Linux Kernel Nov 21, 2024 Nov 7, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.
CVE-2019-10529 1Qualcomm 41Mdm9150 Firmware Mdm9206 FirmwareMdm9607 Firmware+38 more Nov 21, 2024 Nov 6, 2019 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function set_page_dirty() in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial...Show more Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function set_page_dirty() in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24Show less
CVE-2019-10528 1Qualcomm 28Mdm9206 Firmware Mdm9607 FirmwareMdm9640 Firmware+25 more Nov 21, 2024 Nov 6, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use after free issue in kernel while accessing freed mdlog session info and its attributes after closing the session in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdr...Show more Use after free issue in kernel while accessing freed mdlog session info and its attributes after closing the session in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 730, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24Show less
CVE-2019-10524 1Qualcomm 41Mdm9150 Firmware Mdm9206 FirmwareMdm9607 Firmware+38 more Nov 21, 2024 Nov 6, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Lack of check for a negative value returned for get_clk is wrongly interpreted as valid pointer and lead to use after free in clk driver in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...Show more Lack of check for a negative value returned for get_clk is wrongly interpreted as valid pointer and lead to use after free in clk driver in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24Show less
CVE-2019-10515 1Qualcomm 39Mdm9150 Firmware Mdm9206 FirmwareMdm9607 Firmware+36 more Nov 21, 2024 Nov 6, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 DCI client which might be preemptively freed up might be accessed for transferring packets leading to kernel error in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi...Show more DCI client which might be preemptively freed up might be accessed for transferring packets leading to kernel error in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24Show less
CVE-2019-18178 1Amazon 1Freertos+fat Nov 21, 2024 Nov 4, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FF_Close() is defined in ff_file.c. The file handler pxFile is freed by ffconfigFREE, which (by default) is a macro definition of vPortFree(), b...Show more Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FF_Close() is defined in ff_file.c. The file handler pxFile is freed by ffconfigFREE, which (by default) is a macro definition of vPortFree(), but it is reused to flush modified file content from the cache to disk by the function FF_FlushCache().Show less
CVE-2019-18683 6Broadcom CanonicalDebian+3 more 188300 Firmware 8700 FirmwareA400 Firmware+15 more Nov 21, 2024 Nov 4, 2019 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the...Show more An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.Show less
CVE-2019-17143 1Foxitsoftware 1Phantompdf Nov 21, 2024 Oct 25, 2019 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must v...Show more This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-9273.Show less
CVE-2019-17142 1Foxitsoftware 1Phantompdf Nov 21, 2024 Oct 25, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a m...Show more This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of script within a Keystroke action of a listbox field. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9081.Show less

Previous 1...288289290...372 Next