CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,662 vulnerabilities with CWE-416
CVE-2020-19467 MEDIUM
PDF2JSON 0.70 - Denial of Service via Use-After-Free in DCTStream::transformDataUnit
CVSS 5.5
CVE-2020-36405 HIGH
Keystone Engine 0.9.2 - Use-After-Free in X86Operand::getToken
CVSS 7.8
CVE-2020-23302 CRITICAL
JerryScript 2.2.0 - Use-After-Free in ecma_ref_ecma_string
CVSS 9.8
CVE-2020-11262 HIGH
Qualcomm APQ8009 and related firmwares - Use-After-Free via Race Condition in Context Management
CVSS 7.0
CVE-2020-11250 HIGH
Qualcomm APQ8009W Firmware - Use-After-Free via Race Condition in Device Driver Reopen
CVSS 7.0
CVE-2020-11239 HIGH
Qualcomm APQ8009 Firmware - Use-After-Free in DMA Buffer Import
CVSS 7.8
CVE-2020-36387 HIGH
Linux Kernel 5.7-5.8.1 - Use-After-Free in io_uring Async Task Handling
CVSS 7.8
CVE-2020-36385 HIGH
Linux Kernel < 5.10 - Use-After-Free in ucma_migrate_id
CVSS 7.8
CVE-2020-7469 HIGH
FreeBSD Use-After-Free in ICMPv6 Routing Option Handler
CVSS 7.5
CVE-2020-35506 MEDIUM
QEMU < 6.0.0 - Use-After-Free in am53c974 SCSI Host Bus Adapter Emulation
CVSS 6.7
CVE-2020-25669 HIGH
Linux Kernel < 4.4.245 - Use-After-Free in sunkbd_reinit
CVSS 7.8
CVE-2020-25671 HIGH
Linux Kernel 3.6-4.4.267 - Use-After-Free in llcp_sock_connect()
CVSS 7.8
CVE-2020-25670 HIGH
Linux Kernel 3.6-4.4.267 - Use-After-Free in llcp_sock_bind()
CVSS 7.8
CVE-2020-36329 CRITICAL
libwebp < 1.0.1 - Use-After-Free
CVSS 9.8
CVE-2020-23856 MEDIUM
cflow 1.6 - Use-After-Free in parser.c call Function
CVSS 5.5
CVE-2020-14354 LOW
c-ares 1.16.0 - Use-After-Free in ares_destroy()
CVSS 3.3
CVE-2020-11295 MEDIUM
Qualcomm Fsm10055 Firmware - Use After Free
CVSS 6.8
CVE-2020-28018 CRITICAL
Exim 4.90-4.94.1 - Use-After-Free in SMTP Reset
CVSS 9.8
CVE-2020-35980 HIGH
GPAC 0.8.0 and 1.0.1 - Use-After-Free in gf_isom_box_del()
CVSS 7.8
CVE-2020-36318 CRITICAL
Rust 1.48.0-1.48.4 - Use-After-Free in VecDeque::make_contiguous
CVSS 9.8
CVE-2020-11234 HIGH
Qualcomm APQ8009 Firmware - Use-After-Free via Socket Event Message Handling
CVSS 8.4
CVE-2020-36313 HIGH
Linux Kernel < 5.7 - Use-After-Free in KVM Memslot Handling
CVSS 7.8
CVE-2020-9975 HIGH
iPadOS < 14.0 - Use-After-Free
CVSS 7.8
CVE-2020-9926 HIGH
iCloud < 7.20 - Use-After-Free via Malicious XML Processing
CVSS 7.8
CVE-2020-27920 HIGH
macOS < 11.0.1, iPadOS < 14.2, iPhone OS < 14.2, tvOS < 14.2, watchOS < 7.1 - Use-After-Free
CVSS 8.8