← Back
CWE-416

7,425 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,425)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-1173
1Foxitsoftware
2Foxit Reader
Phantompdf
Nov 21, 2024
May 17, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a mal...Show more
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the XFA borderColor attribute. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5436.Show less
CVE-2018-11230
1Jbig2enc Project
1Jbig2enc
Nov 21, 2024
May 17, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted file.
CVE-2018-8843
1Rockwellautomation
1Arena
Nov 21, 2024
May 14, 2018
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, poten...Show more
Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data..Show less
CVE-2018-0946
1Microsoft
2Chakracore
Edge
Nov 21, 2024
May 9, 2018
N/A· v4
7.5 HIGH· v3
7.6 HIGH· v2
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCo...Show more
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.Show less
CVE-2018-10685
1Long Range Zip Project
1Long Range Zip
Nov 21, 2024
May 2, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified...Show more
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.Show less
CVE-2018-10675
3Canonical
LinuxRedhat
9Enterprise Linux Desktop
Enterprise Linux ServerEnterprise Linux Server Aus+6 more
Nov 21, 2024
May 2, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
CVE-2018-3844
1Hyland
1Perceptive Document Filters
Nov 21, 2024
Apr 26, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted DOCX document can lead to a use-after-free resulting in direct code execution.
CVE-2018-10303
1Foxitsoftware
2Foxit Reader
Phantompdf
Nov 21, 2024
Apr 23, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-y0nqfutlf3.
CVE-2018-10302
1Foxitsoftware
2Foxit Reader
Phantompdf
Nov 21, 2024
Apr 23, 2018
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-jyb51g3mv9.
CVE-2018-3850
1Foxit
1Pdf Reader
Nov 21, 2024
Apr 23, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reuse...Show more
An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If a browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.Show less
CVE-2017-14458
1Foxit
1Pdf Reader
Nov 21, 2024
Apr 23, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 8.3.2.25013. A specially crafted PDF document can trigger a previously freed object in memory to be...Show more
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 8.3.2.25013. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.Show less
CVE-2018-10199
1Mruby
1Mruby
Nov 21, 2024
Apr 18, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy(). An attacker that can cause Ruby code to be run can possibly use this to execute arbitrary code.
CVE-2014-10046
1Qualcomm
15Mdm9615 Firmware
Mdm9625 FirmwareMdm9635m Firmware+12 more
Nov 21, 2024
Apr 18, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free...Show more
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free vulnerability when the PDN throttle info block is freed without clearing the corresponding active timer.Show less
CVE-2018-10119
4Canonical
DebianLibreoffice+1 more
6Debian Linux
Enterprise Linux DesktopEnterprise Linux Server+3 more
Nov 21, 2024
Apr 16, 2018
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-fre...Show more
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.Show less
CVE-2018-3590
1Qualcomm
14Msm8909w Firmware
Sd 205 FirmwareSd 210 Firmware+11 more
Nov 21, 2024
Apr 11, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, a Use After Free co...Show more
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, a Use After Free condition can occur in RIL while handling requests from Android.Show less
CVE-2017-18145
1Qualcomm
14Msm8909w Firmware
Sd 205 FirmwareSd 210 Firmware+11 more
Nov 21, 2024
Apr 11, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while the DPM nativ...Show more
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while the DPM native process is processing framework events, the iterator pointer is deleted after processing an event. When processing subsequent events, a Use After Condition will occur.Show less
CVE-2017-18144
1Qualcomm
14Msm8909w Firmware
Sd 205 FirmwareSd 210 Firmware+11 more
Nov 21, 2024
Apr 11, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing th...Show more
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing the retransmission of WPA supplicant command send failures, there is a make after break of the connection to WPA supplicant where the local pointer is not properly updated. If the WPA supplicant command transmission fails, a Use After Free condition will occur.Show less
CVE-2017-18140
1Qualcomm
24Mdm9206 Firmware
Mdm9607 FirmwareMdm9650 Firmware+21 more
Nov 21, 2024
Apr 11, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 61...Show more
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, when processing a call disconnection, there is an attempt to print the RIL token-id to the debug log. If eMBMS service is enabled while processing the call disconnect, a Use After Free condition may potentially occur.Show less
CVE-2017-18136
1Qualcomm
26Mdm9206 Firmware
Mdm9607 FirmwareMdm9615 Firmware+23 more
Nov 21, 2024
Apr 11, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, S...Show more
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, in the omx aac component, a Use After Free condition may potentially occur.Show less
CVE-2017-11011
1Qualcomm
11Mdm9206 Firmware
Mdm9607 FirmwareSd 205 Firmware+8 more
Nov 21, 2024
Apr 11, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After Free condition can o...Show more
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After Free condition can occur in a communication API.Show less