Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,425)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-12160 1Gohttp Project 1Gohttp Nov 21, 2024 May 17, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 GoHTTP through 2017-07-25 has a sendHeader use-after-free.
CVE-2019-0708 3Huawei MicrosoftSiemens 67Agile Controller Campus Firmware Aptio FirmwareAtellica Solution Firmware+64 more Oct 29, 2025 May 16, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, a...Show more A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.Show less
CVE-2019-12106 1Miniupnp Project 1Miniupnpd Nov 21, 2024 May 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability.
CVE-2019-5018 2Canonical Sqlite 2Sqlite Ubuntu Linux Nov 21, 2024 May 10, 2019 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code ex...Show more An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.Show less
CVE-2019-2050 1Google 1Android Nov 21, 2024 May 8, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User intera...Show more In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9 Android ID: A-121327323Show less
CVE-2019-2049 1Google 1Android Nov 21, 2024 May 8, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the Bluetooth service with no additional exe...Show more In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9 Android ID: A-120445479Show less
CVE-2019-11815 5Canonical DebianLinux+2 more 14Active Iq Unified Manager Cn1610 FirmwareDebian Linux+11 more Nov 21, 2024 May 8, 2019 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
CVE-2019-11811 3Linux OpensuseRedhat 9Enterprise Linux Enterprise Linux AusEnterprise Linux Desktop+6 more Nov 21, 2024 May 7, 2019 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/ch...Show more An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.Show less
CVE-2019-11810 3Canonical DebianLinux 3Debian Linux Linux KernelUbuntu Linux Nov 21, 2024 May 7, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a De...Show more An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.Show less
CVE-2018-20836 6Canonical DebianF5+3 more 13Active Iq Unified Manager Debian LinuxHci Compute Node+10 more Nov 21, 2024 May 7, 2019 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
CVE-2017-18157 1Qualcomm 21Mdm9206 Firmware Mdm9607 FirmwareMdm9650 Firmware+18 more Nov 21, 2024 May 6, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 41...Show more A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20.Show less
CVE-2017-18156 1Qualcomm 12Mdm9206 Firmware Mdm9607 FirmwareMdm9650 Firmware+9 more Nov 21, 2024 May 6, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, S...Show more While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, SD 820, SD 820A, SD 835, SDX20.Show less
CVE-2019-9796 1Mozilla 2Firefox Thunderbird Nov 25, 2025 Apr 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the rem...Show more A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller element, the refresh driver incorrectly leaves a dangling pointer to the driver's observer array. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.Show less
CVE-2019-9790 1Mozilla 2Firefox Thunderbird Nov 25, 2025 Apr 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. Thi...Show more A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.Show less
CVE-2018-18512 1Mozilla 1Thunderbird Nov 21, 2024 Apr 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a po...Show more A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5.Show less
CVE-2019-11487 3Canonical DebianLinux 3Debian Linux Linux KernelUbuntu Linux Nov 21, 2024 Apr 23, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/lin...Show more The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.Show less
CVE-2019-2033 1Google 1Android Nov 21, 2024 Apr 19, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In create_hdr of dnssd_clientstub.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. P...Show more In create_hdr of dnssd_clientstub.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-121327565.Show less
CVE-2019-2030 1Google 1Android Nov 21, 2024 Apr 19, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploita...Show more In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-119496789.Show less
CVE-2019-2029 1Google 1Android Nov 21, 2024 Apr 19, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for e...Show more In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-120612744.Show less
CVE-2019-3885 3Canonical ClusterlabsFedoraproject 3Fedora PacemakerUbuntu Linux Nov 21, 2024 Apr 18, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.

Previous 1...303304305...372 Next