CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,662 vulnerabilities with CWE-416
CVE-2020-27899 HIGH
tvOS < 14.2 - Use-After-Free
CVSS 7.8
CVE-2020-7463 MEDIUM
FreeBSD Use-After-Free via SCTP Socket User Messages
CVSS 5.5
CVE-2020-7462 MEDIUM
FreeBSD 11.3-RELEASE before p13 and 11.4-PRERELEASE before r360733 - Use-After-Free in IPv6 Hop-by-Hop Options Handling
CVSS 5.5
CVE-2020-11309 HIGH
Qualcomm APQ8009 and related firmware - Use-After-Free in GPU Driver Memory Mapping
CVSS 7.8
CVE-2020-11290 HIGH
Qualcomm APQ8009 and related firmware - Use-After-Free in msm ioctl Events
CVSS 7.0
CVE-2020-1900 CRITICAL
HHVM < 4.32.3 and 4.33.0-4.62.0 - Use-After-Free in Object Unserialization
CVSS 9.8
CVE-2020-13558 HIGH
WebKitGTK 2.30.1 - Remote Code Execution via AudioSourceProviderGStreamer Use-After-Free
CVSS 8.8
CVE-2020-25632 HIGH
GRUB2 < 2.06 - Use-After-Free via rmmod Dependency Handling
CVSS 8.2
CVE-2020-11277 HIGH
Qualcomm PM3003A and related firmware - Race Condition in FastRPC Async Session Handling
CVSS 7.4
CVE-2020-11272 CRITICAL
Qualcomm APQ8009 Firmware - Use-After-Free in PE Queue Frame Processing
CVSS 9.8
CVE-2020-11147 MEDIUM
Qualcomm PMx Firmware - Use-After-Free in Audio Module Object Handling
CVSS 6.7
CVE-2020-12361 MEDIUM
Intel Graphics Drivers < 15.33.51.5146 - Authenticated Use-After-Free
CVSS 5.5
CVE-2020-35512 HIGH
Freedesktop Dbus - Use After Free
CVSS 7.8
CVE-2020-13548 HIGH
Foxit Reader 10.1.0.37527 - Use-After-Free via Crafted PDF Document
CVSS 8.8
CVE-2020-16044 HIGH
Google Chrome < 88.0.4324.96 - Use-After-Free in WebRTC via Crafted SCTP Packet
CVSS 8.8
CVE-2020-36205 MEDIUM
xcb < 2020-12-10 - Use-After-Free in base::Error
CVSS 5.5
CVE-2020-27280 HIGH
ISPSoft < 3.12 - Use-After-Free via Crafted Project File
CVSS 7.8
CVE-2020-11151 MEDIUM
Qualcomm PM3003A and related - Use-After-Free via Race Condition in Video IOCTL
CVSS 6.4
CVE-2020-11148 MEDIUM
Qualcomm APQ8017 and related - Use-After-Free in HIDL Callback Event Handling
CVSS 6.7
CVE-2020-6572 HIGH KEV
Google Chrome < 81.0.4044.92 - Use-After-Free in Media
CVSS 8.8
CVE-2020-16045 CRITICAL
Google Chrome < 87.0.4280.66 - Use-After-Free in Payments
CVSS 9.6
CVE-2020-16119 MEDIUM
Linux Kernel - Use-After-Free in DCCP Socket Handling
CVSS 6.3
CVE-2020-27267 CRITICAL
KEPServerEX <6.10 - Buffer Overflow
CVSS 9.1
CVE-2020-16039 HIGH
Chrome < 87.0.4280.88 - Use-After-Free in Extensions via Crafted HTML Page
CVSS 8.8
CVE-2020-16038 HIGH
Google Chrome < 87.0.4280.88 - Use-After-Free in Media via Crafted HTML Page
CVSS 8.8
Details
Vulnerabilities 7,662
Exploit Likelihood High