Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,267)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-10150 1Linux 1Linux Kernel May 13, 2026 Feb 6, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges...Show more Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.Show less
CVE-2016-6082 1Ibm 1Bigfix Platform May 13, 2026 Feb 1, 2017 N/A· v4 10.0 CRITICAL· v3 10.0 HIGH· v2 IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race condition. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2016-5824 3Canonical Libical ProjectRedhat 8Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+5 more May 13, 2026 Jan 27, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
CVE-2016-5823 1Libical Project 1Libical May 13, 2026 Jan 27, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
CVE-2016-9401 3Debian GnuRedhat 8Bash Debian LinuxEnterprise Linux Desktop+5 more May 13, 2026 Jan 23, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
CVE-2016-3177 1Giflib Project 1Giflib May 13, 2026 Jan 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
CVE-2016-5219 1Google 1Chrome May 13, 2026 Jan 19, 2017 N/A· v4 6.3 MEDIUM· v3 6.8 MEDIUM· v2 A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2016-5216 1Google 1Chrome May 13, 2026 Jan 19, 2017 N/A· v4 6.3 MEDIUM· v3 6.8 MEDIUM· v2 A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
CVE-2016-5215 1Google 1Chrome May 13, 2026 Jan 19, 2017 N/A· v4 6.3 MEDIUM· v3 6.8 MEDIUM· v2 A use after free in webaudio in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2016-5213 1Google 1Chrome May 13, 2026 Jan 19, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2016-5211 1Google 1Chrome May 13, 2026 Jan 19, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2016-5203 1Google 1Chrome May 13, 2026 Jan 19, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2016-9678 1Citrix 1Provisioning Services May 13, 2026 Jan 18, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2016-9584 1Libical Project 1Libical May 13, 2026 Jan 18, 2017 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.
CVE-2016-9279 1Samsung 1Exynos Fimg2d Driver May 13, 2026 Jan 18, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6...Show more Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853.Show less
CVE-2016-7906 2Debian Imagemagick 2Debian Linux Imagemagick May 13, 2026 Jan 18, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
CVE-2017-2584 1Linux 1Linux Kernel May 13, 2026 Jan 15, 2017 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instru...Show more arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.Show less
CVE-2016-6885 1Matrixssl 1Matrixssl May 13, 2026 Jan 13, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation.
CVE-2016-7479 1Php 1Php May 6, 2026 Jan 12, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code executio...Show more In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.Show less
CVE-2017-2961 1Adobe 4Acrobat Acrobat DcAcrobat Reader Dc+1 more May 6, 2026 Jan 11, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful ex...Show more Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution.Show less

Previous 1...339340341...364 Next