CWE-416
7,275 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,275)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application. |
3Debian GoogleRedhat5Chrome Debian LinuxEnterprise Linux Desktop+2 moreMay 13, 2026 Apr 24, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension...Show more |
3Debian GoogleRedhat5Chrome Debian LinuxEnterprise Linux Desktop+2 moreMay 13, 2026 Apr 24, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. |
3Debian GoogleRedhat5Chrome Debian LinuxEnterprise Linux Desktop+2 moreMay 13, 2026 Apr 24, 2017 N/A· v4 6.3 MEDIUM· v3 6.8 MEDIUM· v2 Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension...Show more |
3Debian GoogleRedhat5Chrome Debian LinuxEnterprise Linux Desktop+2 moreMay 13, 2026 Apr 24, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file. |
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. |
A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. |
The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file. |
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution. |
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution. |
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution. |
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution. |
1Adobe 4Acrobat Acrobat DcAcrobat Reader Dc+1 moreMay 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Suc...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader Dc+1 moreMay 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine's annotation-related API. Successful exploit...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader Dc+1 moreMay 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. Successful exploitation c...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader Dc+1 moreMay 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful expl...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader Dc+1 moreMay 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation...Show more |
1Adobe 4Acrobat Acrobat DcAcrobat Reader Dc+1 moreMay 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality....Show more |
A use-after-free in AnimationController::endAnimationUpdate in Google Chrome. |
1Cesanta 2Mongoose Embedded Web Server Library Mongoose OsMay 13, 2026 Apr 10, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to ca...Show more |