CWE-416
7,425 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,425)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
5Canonical DebianGoogle+2 more10Chrome Debian LinuxEnterprise Linux Desktop+7 moreNov 21, 2024 Dec 11, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
3Debian GoogleRedhat5Chrome Debian LinuxLinux Desktop+2 moreNov 21, 2024 Dec 11, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
3Debian GoogleRedhat5Chrome Debian LinuxLinux Desktop+2 moreNov 21, 2024 Dec 11, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
3Debian GoogleRedhat5Chrome Debian LinuxLinux Desktop+2 moreNov 21, 2024 Dec 11, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
3Debian GoogleRedhat5Chrome Debian LinuxLinux Desktop+2 moreNov 21, 2024 Dec 11, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
3Debian GoogleRedhat5Chrome Debian LinuxLinux Desktop+2 moreNov 21, 2024 Dec 11, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. |
3Debian GoogleRedhat5Chrome Debian LinuxLinux Desktop+2 moreNov 21, 2024 Dec 11, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. |
2Fedoraproject Msweet2Fedora Mini XmlNov 21, 2024 Dec 10, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc. |
In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation....Show more |
cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid pointer" error. |
1Omron 3Cx One Cx ProgrammerCx ServerNov 21, 2024 Dec 4, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attac...Show more |
3Debian GoogleRedhat5Chrome Debian LinuxLinux Desktop+2 moreNov 21, 2024 Dec 4, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. |
3Debian GoogleRedhat5Chrome Debian LinuxLinux Desktop+2 moreNov 21, 2024 Dec 4, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. |
3Debian GoogleRedhat5Chrome Debian LinuxLinux Desktop+2 moreNov 21, 2024 Dec 4, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. |
In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact. |
3Canonical DebianLinux3Debian Linux Linux KernelUbuntu LinuxNov 21, 2024 Dec 3, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card....Show more |
3Canonical DebianSamba3Debian Linux SambaUbuntu LinuxNov 21, 2024 Nov 28, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memor...Show more |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a use after free issue in WLAN host driver can lead to device reboot. |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while list traversal in LPM status driver for clean up, use after free vulnerability may occur. |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, due to a race condition, a Use After Free condition can occur in Audio. |