Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,425)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-2111 1Google 1Android Nov 21, 2024 Jul 8, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. This could lead to remote code execution in the netd server with no additional execution privileges needed. User interactio...Show more In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. This could lead to remote code execution in the netd server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122856181.Show less
CVE-2019-13289 1Glyphandcog 1Xpdfreader Nov 21, 2024 Jul 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool.
CVE-2019-13233 1Linux 1Linux Kernel Nov 21, 2024 Jul 4, 2019 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
CVE-2019-13045 1Irssi 1Irssi Nov 21, 2024 Jun 29, 2019 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server.
CVE-2019-5828 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2019-5813 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5809 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.
CVE-2019-5808 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5805 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-5786 1Google 1Chrome Oct 24, 2025 Jun 27, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2018-6171 1Google 1Chrome Nov 21, 2024 Jun 27, 2019 N/A· v4 5.7 MEDIUM· v3 2.9 LOW· v2 Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted C...Show more Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.Show less
CVE-2018-6155 1Google 1Chrome Nov 21, 2024 Jun 27, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Incorrect handling of frames in the VP8 parser in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
CVE-2018-6118 1Google 1Chrome Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code v...Show more A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.Show less
CVE-2018-17479 1Google 1Chrome Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-12871 1Phoenixcontact 1Automationworx Software Suite Nov 21, 2024 Jun 24, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to a Use-After-Free and remote code execut...Show more An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to a Use-After-Free and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project file to be able to manipulate it. After manipulation, the attacker needs to exchange the original file with the manipulated one on the application programming workstation.Show less
CVE-2019-2025 1Google 1Android Nov 21, 2024 Jun 19, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interacti...Show more In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-116855682References: Upstream kernelShow less
CVE-2019-2024 1Google 1Android Nov 21, 2024 Jun 19, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for expl...Show more In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111761954References: Upstream kernelShow less
CVE-2019-2006 1Google 1Android Nov 21, 2024 Jun 19, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the audio server with no additional execution privileges neede...Show more In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-116665972Show less
CVE-2018-19878 1Teltonika 1Rut950 Firmware Nov 21, 2024 Jun 19, 2019 N/A· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 An issue was discovered on Teltonika RTU950 R_31.04.89 devices. The application allows a user to login without limitation. For every successful login request, the application saves a session. A user can re-login without...Show more An issue was discovered on Teltonika RTU950 R_31.04.89 devices. The application allows a user to login without limitation. For every successful login request, the application saves a session. A user can re-login without logging out, causing the application to store the session in memory. Exploitation of this vulnerability will increase memory use and consume free space.Show less
CVE-2019-3896 2Linux Redhat 5Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+2 more Nov 21, 2024 Jun 19, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).

Previous 1...297298299...372 Next