Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,280)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-16648 1Linux 1Linux Kernel May 13, 2026 Nov 7, 2017 N/A· v4 6.6 MEDIUM· v3 7.2 HIGH· v2 The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified o...Show more The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. NOTE: the function was later renamed __dvb_frontend_free.Show less
CVE-2017-2922 1Cesanta 1Mongoose May 13, 2026 Nov 7, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers...Show more An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to achieve remote code execution. An attacker needs to send a specially crafted websocket packet over the network to trigger this vulnerability.Show less
CVE-2017-2891 1Cesanta 1Mongoose May 13, 2026 Nov 7, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8. An ordinary HTTP POST request with a CGI target can cause a reuse of previously freed pointer potentially resu...Show more An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8. An ordinary HTTP POST request with a CGI target can cause a reuse of previously freed pointer potentially resulting in remote code execution. An attacker needs to send this HTTP request over the network to trigger this vulnerability.Show less
CVE-2017-16528 2Canonical Linux 2Linux Kernel Ubuntu Linux May 13, 2026 Nov 4, 2017 N/A· v4 6.6 MEDIUM· v3 7.2 HIGH· v2 sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted...Show more sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.Show less
CVE-2017-16527 3Canonical DebianLinux 3Debian Linux Linux KernelUbuntu Linux May 13, 2026 Nov 4, 2017 N/A· v4 6.6 MEDIUM· v3 7.2 HIGH· v2 sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB de...Show more sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.Show less
CVE-2017-16525 3Canonical DebianLinux 3Debian Linux Linux KernelUbuntu Linux May 13, 2026 Nov 4, 2017 N/A· v4 6.6 MEDIUM· v3 7.2 HIGH· v2 The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified...Show more The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup.Show less
CVE-2017-10948 1Foxitsoftware 1Foxit Reader May 13, 2026 Oct 31, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. User interaction is required to exploit this vulnerability in that the target must visit a mali...Show more This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the app.execMenuItem function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4723.Show less
CVE-2017-10947 1Foxitsoftware 1Foxit Reader May 13, 2026 Oct 31, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. User interaction is required to exploit this vulnerability in that the target must visit a mali...Show more This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the print function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4722.Show less
CVE-2017-10946 1Foxitsoftware 1Foxit Reader May 13, 2026 Oct 31, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. User interaction is required to exploit this vulnerability in that the target must visit a mali...Show more This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setItem function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4721.Show less
CVE-2017-10945 1Foxitsoftware 1Foxit Reader May 13, 2026 Oct 31, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a mal...Show more This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the app.alert function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4855.Show less
CVE-2017-10941 1Foxitsoftware 1Foxit Reader May 13, 2026 Oct 31, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a mal...Show more This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AFParseDateEx function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4816.Show less
CVE-2017-5111 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Oct 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
CVE-2017-5100 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Oct 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5098 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Oct 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5091 3Debian GoogleRedhat 5Chrome Debian LinuxEnterprise Linux Desktop+2 more May 13, 2026 Oct 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5087 2Google Redhat 4Chrome Enterprise Linux DesktopEnterprise Linux Server+1 more May 13, 2026 Oct 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka...Show more A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape.Show less
CVE-2017-5080 1Google 1Chrome May 13, 2026 Oct 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5074 1Google 1Chrome May 13, 2026 Oct 27, 2017 N/A· v4 8.0 HIGH· v3 5.4 MEDIUM· v2 A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth.
CVE-2017-5073 2Google Redhat 4Chrome Enterprise Linux DesktopEnterprise Linux Server+1 more May 13, 2026 Oct 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted H...Show more Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.Show less
CVE-2017-5062 2Google Redhat 4Chrome Enterprise Linux DesktopEnterprise Linux Server+1 more May 13, 2026 Oct 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted...Show more A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension.Show less

Previous 1...330331332...364 Next