CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,662 vulnerabilities with CWE-416
CVE-2020-13814 CRITICAL
Foxit PhantomPDF and Reader < 9.7.1 - Use-After-Free via Document Without Dictionary
CVSS 9.8
CVE-2020-13806 HIGH
Foxit PhantomPDF and Reader < 9.7.2 - Use-After-Free via JavaScript Execution
CVSS 7.5
CVE-2020-6496 HIGH
Google Chrome < 83.0.4103.97 - Use-After-Free in Payments
CVSS 8.8
CVE-2020-6493 CRITICAL
Chrome < 83.0.4103.97 - Use-After-Free in WebAuthentication
CVSS 9.6
CVE-2020-3618 HIGH
Qualcomm QCA8081, SC8180X, IPQ6018, IPQ8074, SXR2130 Firmware - Use-After-Free in RT FIFO Event Posting
CVSS 7.8
CVE-2020-13630 HIGH
SQLite < 3.32.0 - Use-After-Free in FTS3 Snippet Feature
CVSS 7.0
CVE-2020-12387 HIGH
Firefox ESR < 68.8 - Use After Free
CVSS 8.1
CVE-2020-1799 HIGH
Huawei E6878-370 Firmware 10.0.3.1 - Use-After-Free via Web Portal
CVSS 7.5
CVE-2020-6474 HIGH
Google Chrome < 83.0.4103.61 - Use-After-Free in Blink
CVSS 8.8
CVE-2020-6467 HIGH
Chrome < 83.0.4103.61 - Use-After-Free in WebRTC
CVSS 8.8
CVE-2020-6466 CRITICAL
Google Chrome < 83.0.4103.61 - Use-After-Free in Media
CVSS 9.6
CVE-2020-6465 CRITICAL
Google Chrome < 83.0.4103.61 - Use-After-Free in Reader Mode
CVSS 9.6
CVE-2020-6463 HIGH
Google Chrome < 81.0.4044.122 - Use-After-Free in ANGLE via Crafted HTML Page
CVSS 8.8
CVE-2020-6462 CRITICAL
Google Chrome < 81.0.4044.129 - Use-After-Free in Task Scheduling
CVSS 9.6
CVE-2020-6461 CRITICAL
Google Chrome < 81.0.4044.129 - Use-After-Free in Storage
CVSS 9.6
CVE-2020-6459 HIGH
Google Chrome < 81.0.4044.122 - Use-After-Free in Payments
CVSS 8.8
CVE-2020-6457 CRITICAL
Google Chrome < 81.0.4044.113 - Use-After-Free in Speech Recognizer
CVSS 9.6
CVE-2020-1897 CRITICAL
Proxygen <2020.05.18.00 - Use After Free
CVSS 9.8
CVE-2020-6074 HIGH
Nitro Pro 13.9.1.155 - Use After Free
CVSS 8.8
CVE-2020-10958 MEDIUM
Dovecot < 2.3.10.1 - Unauthenticated Use-After-Free via SMTP/LMTP Newline Handling
CVSS 5.3
CVE-2020-5897 HIGH
BIG-IP Edge Client <7.1.10 - Use After Free
CVSS 8.8
CVE-2020-11866 HIGH
libEMF < 1.0.11 - Use-After-Free
CVSS 7.8
CVE-2020-10690 MEDIUM
Linux Kernel < 5.5 - Use-After-Free via PTP Clock Resource Deallocation Race
CVSS 6.5
CVE-2020-12657 HIGH
Linux kernel <5.6.5 - Use After Free
CVSS 7.8
CVE-2020-10700 MEDIUM
Samba <4.10.15-4.12.2 - Use After Free
CVSS 5.3
Details
Vulnerabilities 7,662
Exploit Likelihood High