Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,425)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-5721 1Wireshark 1Wireshark Nov 21, 2024 Jan 8, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.
CVE-2019-0570 1Microsoft 6Windows 10 Windows 8.1Windows Rt 8.1+3 more Nov 21, 2024 Jan 8, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka "Windows Runtime Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8....Show more An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka "Windows Runtime Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.Show less
CVE-2018-16882 2Canonical Linux 2Linux Kernel Ubuntu Linux Nov 21, 2024 Jan 3, 2019 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing post...Show more A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.Show less
CVE-2017-18328 1Qualcomm 24Mdm9206 Firmware Mdm9607 FirmwareMdm9635m Firmware+21 more Nov 21, 2024 Jan 3, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD...Show more Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016.Show less
CVE-2018-20623 1Gnu 1Binutils May 6, 2025 Dec 31, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.
CVE-2018-20592 2Fedoraproject Msweet 2Fedora Mini Xml Nov 21, 2024 Dec 30, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstr...Show more In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.Show less
CVE-2018-20538 1Nasm 1Netwide Assembler Nov 21, 2024 Dec 28, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests.
CVE-2018-20535 1Nasm 1Netwide Assembler Nov 21, 2024 Dec 28, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt.
CVE-2018-1000878 6Canonical DebianFedoraproject+3 more 8Debian Linux Enterprise Linux DesktopEnterprise Linux Server+5 more Nov 21, 2024 Dec 20, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can...Show more libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.Show less
CVE-2018-11988 1Google 1Android Nov 21, 2024 Dec 20, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Un-trusted pointer de-reference issue by accessing a variable which is already freed.
CVE-2018-11984 1Google 1Android Nov 21, 2024 Dec 20, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition and an out-of-bounds access can occur in the DIAG driver.
CVE-2018-11983 1Google 1Android Nov 21, 2024 Dec 20, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Error in kernel observed while accessing freed mask pointers after reallocating memory for mask table.
CVE-2018-11960 1Google 1Android Nov 21, 2024 Dec 20, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition can occur in the SPS driver which can lead to error in kernel.
CVE-2017-9704 1Google 1Android Nov 21, 2024 Dec 20, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, There is no synchronization between msm_vb2 buffer operations which can lead to use after free.
CVE-2018-6307 3Canonical DebianLibvnc Project 3Debian Linux LibvncserverUbuntu Linux Nov 21, 2024 Dec 19, 2018 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.
CVE-2018-15126 3Canonical DebianLibvnc Project 3Debian Linux LibvncserverUbuntu Linux Nov 21, 2024 Dec 19, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution
CVE-2018-16884 4Canonical DebianLinux+1 more 5Debian Linux Enterprise LinuxEnterprise Mrg+2 more Nov 21, 2024 Dec 18, 2018 N/A· v4 8.0 HIGH· v3 6.7 MEDIUM· v2 A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerabilit...Show more A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.Show less
CVE-2018-19364 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Dec 13, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
CVE-2018-8625 1Microsoft 1Internet Explorer Nov 21, 2024 Dec 12, 2018 N/A· v4 7.5 HIGH· v3 7.6 HIGH· v2 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Ex...Show more A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.Show less
CVE-2018-6703 1Mcafee 1Agent Nov 21, 2024 Dec 11, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution...Show more Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service.Show less

Previous 1...312313314...372 Next