CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,662 vulnerabilities with CWE-416
CVE-2020-16037 HIGH
Chrome < 87.0.4280.88 - Use-After-Free in Clipboard
CVSS 8.8
CVE-2020-16026 HIGH
Google Chrome < 87.0.4280.66 - Use-After-Free in WebRTC
CVSS 8.8
CVE-2020-16023 HIGH
Google Chrome < 87.0.4280.66 - Use-After-Free in WebCodecs
CVSS 8.8
CVE-2020-16018 CRITICAL
Chrome < 87.0.4280.66 - Use-After-Free in Payments
CVSS 9.6
CVE-2020-16017 CRITICAL KEV
Google Chrome < 86.0.4240.198 - Use-After-Free in Site Isolation
CVSS 9.6
CVE-2020-16014 CRITICAL
Google Chrome < 87.0.4280.66 - Use-After-Free in PPAPI
CVSS 9.6
CVE-2020-27835 MEDIUM
Linux infiniband_hfi1_driver < 5.10-rc6 - Use-After-Free via Ioctl After Fork
CVSS 4.4
CVE-2020-26972 CRITICAL
Firefox < 84.0 - Use-After-Free in WebGL IPC Actor
CVSS 9.8
CVE-2020-8265 HIGH
Node.js <10.23.1, 12.20.1, 14.15.4, 15.5.1 - Use After Free
CVSS 8.1
CVE-2020-35876 CRITICAL
rio < 0.9.3 - Use-After-Free via Struct Leak
CVSS 9.8
CVE-2020-35874 HIGH
internment crate < 0.4.0 - Use-After-Free via ArcIntern::drop Race Condition
CVSS 8.1
CVE-2020-35873 CRITICAL
rusqlite < 0.23.0 - Use-After-Free in sessions.rs
CVSS 9.8
CVE-2020-35870 CRITICAL
rusqlite < 0.23.0 - Use-After-Free via Auxdata API
CVSS 9.8
CVE-2020-35862 CRITICAL
bitvec < 0.17.4 - Use-After-Free in BitVec to BitBox Conversion
CVSS 9.8
CVE-2020-35923 MEDIUM
ordered-float < 1.1.1 and 2.x < 2.0.1 - Use-After-Free
CVSS 5.5
CVE-2020-35917 MEDIUM
pyo3 < 0.12.4 - Use-After-Free in From<Py<T>>
CVSS 5.5
CVE-2020-35906 HIGH
futures-task 0.2.1-0.3.5 - Use-After-Free in Waker
CVSS 7.8
CVE-2020-35902 CRITICAL
actix-codec < 0.3.0-beta.1 - Use-After-Free in Framed
CVSS 9.8
CVE-2020-35901 HIGH
actix-http < 2.0.0-alpha.1 - Use-After-Free in BodyStream
CVSS 7.5
CVE-2020-35900 MEDIUM
array-queue < 2020-09-26 - Use-After-Free via pop_back()
CVSS 5.5
CVE-2020-35899 MEDIUM
actix-service < 1.0.6 - Use-After-Free via Cell Mutable Reference
CVSS 5.5
CVE-2020-35898 CRITICAL
actix-utils < 2.0.0 - Use-After-Free via Cell Mutable Reference
CVSS 9.1
CVE-2020-9093 MEDIUM
Huawei Taurus-AL00A Firmware 10.0.0.1(C00E1R1P1) - Use-After-Free
CVSS 5.5
CVE-2020-13570 HIGH
Foxit Reader 10.1.0.37527 - Use-After-Free in JavaScript Engine
CVSS 8.8
CVE-2020-13560 HIGH
Foxit Reader 10.1.0.37527 - Use-After-Free in JavaScript Engine
CVSS 8.8
Details
Vulnerabilities 7,662
Exploit Likelihood High