← Back
CWE-416

7,427 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,427)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-8187
1Adobe
2Acrobat Dc
Acrobat Reader Dc
Nov 21, 2024
Oct 17, 2019
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Suc...Show more
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2019-8181
1Adobe
2Acrobat Dc
Acrobat Reader Dc
Nov 21, 2024
Oct 17, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Suc...Show more
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2019-8180
1Adobe
2Acrobat Dc
Acrobat Reader Dc
Nov 21, 2024
Oct 17, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Suc...Show more
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2019-8179
1Adobe
2Acrobat Dc
Acrobat Reader Dc
Nov 21, 2024
Oct 17, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Suc...Show more
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2019-8178
1Adobe
2Acrobat Dc
Acrobat Reader Dc
Nov 21, 2024
Oct 17, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Suc...Show more
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2019-8177
1Adobe
2Acrobat Dc
Acrobat Reader Dc
Nov 21, 2024
Oct 17, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Suc...Show more
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2019-8176
1Adobe
2Acrobat Dc
Acrobat Reader Dc
Nov 21, 2024
Oct 17, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Suc...Show more
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2019-8175
1Adobe
2Acrobat Dc
Acrobat Reader Dc
Nov 21, 2024
Oct 17, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Suc...Show more
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .Show less
CVE-2019-17547
1Imagemagick
1Imagemagick
Nov 21, 2024
Oct 14, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
CVE-2019-17541
1Imagemagick
1Imagemagick
Nov 21, 2024
Oct 14, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
CVE-2019-17534
1Libvips
1Libvips
Nov 21, 2024
Oct 13, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free.
CVE-2019-2215
5Canonical
DebianGoogle+2 more
77A220 Firmware
A320 FirmwareA800 Firmware+74 more
Oct 24, 2025
Oct 11, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installat...Show more
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095Show less
CVE-2019-5527
1Vmware
5Esxi
FusionHorizon+2 more
Nov 21, 2024
Oct 10, 2019
N/A· v4
8.8 HIGH· v3
7.2 HIGH· v2
ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum...Show more
ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5.Show less
CVE-2019-5053
1Gonitro
1Nitropdf
Nov 21, 2024
Oct 9, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a use-after-free condition. An attacker can craft a maliciou...Show more
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a use-after-free condition. An attacker can craft a malicious PDF to trigger this vulnerability.Show less
CVE-2019-5047
1Gonitro
1Nitropdf
Nov 21, 2024
Oct 9, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
An exploitable Use After Free vulnerability exists in the CharProcs parsing functionality of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a Use After Free. An attacker can craft a malicious...Show more
An exploitable Use After Free vulnerability exists in the CharProcs parsing functionality of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a Use After Free. An attacker can craft a malicious PDF to trigger this vulnerability.Show less
CVE-2019-6776
1Foxitsoftware
2Phantompdf
Reader
Nov 21, 2024
Oct 4, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a m...Show more
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing watermarks within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8801.Show less
CVE-2019-6775
1Foxitsoftware
2Phantompdf
Reader
Nov 21, 2024
Oct 4, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malic...Show more
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportValues method within a AcroForm. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8491.Show less
CVE-2019-6774
1Foxitsoftware
2Phantompdf
Reader
Nov 21, 2024
Oct 4, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malic...Show more
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deleteItemAt method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8295.Show less
CVE-2019-13320
1Foxitsoftware
2Phantompdf
Reader
Nov 21, 2024
Oct 4, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malic...Show more
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8814.Show less
CVE-2019-13319
1Foxitsoftware
2Phantompdf
Reader
Nov 21, 2024
Oct 4, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malic...Show more
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8669.Show less