CWE-416
7,425 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,425)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Adobe 2Acrobat Dc Acrobat Reader DcNov 21, 2024 Aug 20, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use aft...Show more |
In AudioInputDescriptor::setClientActive of AudioInputDescriptor.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges...Show more |
2Debian Linux2Debian Linux Linux KernelNov 21, 2024 Aug 20, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially...Show more |
Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demulti...Show more |
5Canonical DebianLinux+2 more9Active Iq Unified Manager Data Availability ServicesDebian Linux+6 moreNov 21, 2024 Aug 19, 2019 N/A· v4 4.6 MEDIUM· v3 4.9 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. |
5Canonical DebianLinux+2 more9Active Iq Unified Manager Data Availability ServicesDebian Linux+6 moreNov 21, 2024 Aug 19, 2019 N/A· v4 4.6 MEDIUM· v3 4.9 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. |
3Canonical LinuxOpensuse3Leap Linux KernelUbuntu LinuxNov 21, 2024 Aug 19, 2019 N/A· v4 6.4 MEDIUM· v3 6.9 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core...Show more |
3Linux NetappOpensuse7Active Iq Unified Manager Data Availability ServicesH410c Firmware+4 moreMay 28, 2026 Aug 19, 2019 N/A· v4 4.6 MEDIUM· v3 4.9 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. |
5Canonical DebianLinux+2 more9Active Iq Unified Manager Data Availability ServicesDebian Linux+6 moreNov 21, 2024 Aug 19, 2019 N/A· v4 4.6 MEDIUM· v3 4.9 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not...Show more |
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. |
An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean. |
An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry. |
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is misha...Show more |
1Deltaww 1Delta Industrial Automation Dopsoft Nov 21, 2024 Aug 15, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger a use-after-free vulnerability, which may allow information disclosure, remote code execution,...Show more |
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of i...Show more |
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the...Show more |
2Imagemagick Opensuse2Imagemagick LeapNov 21, 2024 Aug 12, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. |
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read. |
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. |
In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r349806, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, code which handles close of a descrip...Show more |