CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,660 vulnerabilities with CWE-416
CVE-2021-30264 MEDIUM
Qualcomm APQ8009 and other Snapdragon Firmware - Use-After-Free in Internal Store Table
CVSS 6.7
CVE-2021-30263 MEDIUM
Qualcomm Firmware - Use-After-Free via On-Device Logging Node Race Condition
CVSS 6.7
CVE-2021-42074 HIGH
Barrier < 2.3.4 - Unauthenticated Use-After-Free via Rapid TCP Hello Messages
CVSS 7.5
CVE-2021-43412 HIGH
GNU Hurd < 0.9.20210404-9 - Use-After-Free via Fake Notification Messages
CVSS 7.8
CVE-2021-41220 HIGH
TensorFlow 2.6.0 - Use-After-Free in CollectiveReduceV2 Async Implementation
CVSS 7.8
CVE-2021-43400 CRITICAL
BlueZ - Use-After-Free in gatt-database.c via D-Bus WriteValue Processing
CVSS 9.1
CVE-2021-38498 HIGH
Firefox < 93, Thunderbird < 91.2, Firefox ESR < 91.2 - Use After Free
CVSS 7.5
CVE-2021-38496 HIGH
Thunderbird <78.15, Firefox ESR <91.2, Firefox <93 - Memory Corruption
CVSS 8.8
CVE-2021-37993 HIGH
Google Chrome < 95.0.4638.54 - Use-After-Free in PDF Accessibility
CVSS 8.8
CVE-2021-37988 HIGH
Google Chrome < 95.0.4638.54 - Use-After-Free in Profiles
CVSS 8.8
CVE-2021-37987 HIGH
Google Chrome < 95.0.4638.54 - Use-After-Free in Network APIs
CVSS 8.8
CVE-2021-37985 HIGH
Google Chrome < 95.0.4638.54 - Use-After-Free in V8 via Debugger Connection
CVSS 8.8
CVE-2021-37983 HIGH
Google Chrome < 95.0.4638.54 - Use-After-Free in Dev Tools
CVSS 8.8
CVE-2021-37982 HIGH
Google Chrome < 95.0.4638.54 - Use-After-Free in Incognito Mode
CVSS 8.8
CVE-2021-37977 HIGH
Google Chrome < 94.0.4606.81 - Use-After-Free in Garbage Collection
CVSS 8.8
CVE-2021-30809 HIGH
Safari < 15.0 - Use-After-Free via Malicious Web Content
CVSS 8.8
CVE-2021-22466 MEDIUM
HarmonyOS - Use-After-Free
CVSS 5.5
CVE-2021-22463 MEDIUM
HarmonyOS - Use-After-Free
CVSS 5.5
CVE-2021-43057 HIGH
Linux kernel <5.14.8 - Privilege Escalation
CVSS 7.8
CVE-2021-40125 MEDIUM
Cisco ASA and FTD - Authenticated Denial of Service via Malformed IKEv2 Messages
CVSS 5.3
CVE-2021-37122 MEDIUM
Huawei CloudEngine 12800/5800/6800/7800 Firmware - Use-After-Free via Crafted Packets
CVSS 6.5
CVE-2021-0941 MEDIUM
Android - Out-of-bounds Read in bpf_skb_change_head
CVSS 6.7
CVE-2021-0936 HIGH
Android - Use-After-Free in f_accessory.c acc_read
CVSS 7.8
CVE-2021-0935 MEDIUM
Android - Use-After-Free in ip6_xmit
CVSS 6.7
CVE-2021-0703 MEDIUM
Android 11 - Use-After-Free in SecondStageMain
CVSS 6.8
Details
Vulnerabilities 7,660
Exploit Likelihood High