CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,662 vulnerabilities with CWE-416
CVE-2020-1752 HIGH
glibc 2.14-2.31 - Use-After-Free in Tilde Expansion
CVSS 7.0
CVE-2020-12464 MEDIUM
Linux kernel < 5.6.8 - Use After Free
CVSS 6.7
CVE-2020-12267 CRITICAL
Qt < 5.14.2 - Use-After-Free in QTextMarkdownImporter
CVSS 9.8
CVE-2020-6819 HIGH KEV
Firefox < 74.0.1 and ESR < 68.6.1, Thunderbird < 68.7.0 - Use-After-Free via nsDocShell Destructor Race Condition
CVSS 8.1
CVE-2020-10907 HIGH
Foxit PhantomPDF and Reader < 9.7.1.29511 - Remote Code Execution via XFA Form Widget Handling
CVSS 7.8
CVE-2020-10906 HIGH
Foxit PhantomPDF and Reader < 9.7.1.29511 - Remote Code Execution via resetForm Method
CVSS 7.8
CVE-2020-10900 HIGH
Foxit PhantomPDF and Reader < 9.7.1.29511 - Remote Code Execution via AcroForms Processing
CVSS 7.8
CVE-2020-10899 HIGH
Foxit PhantomPDF and Reader < 9.7.1.29511 - Remote Code Execution via XFA Template Processing
CVSS 7.8
CVE-2020-1983 HIGH
libslirp < 4.2.0 - Use-After-Free in ip_reass()
CVSS 7.5
CVE-2020-7082 HIGH
Autodesk FBX-SDK < 2019.0 - Use-After-Free
CVSS 8.8
CVE-2020-11793 HIGH
WebKitGTK and WPE WebKit < 2.28.1 - Use-After-Free via Crafted Web Content
CVSS 8.8
CVE-2020-2758 HIGH
Oracle VM VirtualBox < 5.2.40, < 6.0.20, < 6.1.6 - Use-After-Free
CVSS 8.2
CVE-2020-6454 HIGH
Google Chrome < 81.0.4044.92 - Use-After-Free in Extensions
CVSS 8.8
CVE-2020-6451 HIGH
Google Chrome < 80.0.3987.162 - Use-After-Free in WebAudio
CVSS 8.8
CVE-2020-6450 HIGH
Google Chrome < 80.0.3987.162 - Use-After-Free in WebAudio
CVSS 8.8
CVE-2020-6448 HIGH
Google Chrome < 81.0.4044.92 - Use-After-Free in V8 via Crafted HTML Page
CVSS 8.8
CVE-2020-6436 HIGH
Google Chrome < 81.0.4044.92 - Use-After-Free in Window Management
CVSS 8.8
CVE-2020-6434 HIGH
Google Chrome < 81.0.4044.92 - Use-After-Free in DevTools
CVSS 8.8
CVE-2020-6423 HIGH
Google Chrome < 81.0.4044.92 - Use After Free
CVSS 8.8
CVE-2020-11656 CRITICAL
SQLite < 3.31.1 - Use-After-Free in ALTER TABLE with ORDER BY Clause
CVSS 9.8
CVE-2020-11558 CRITICAL
GPAC 0.8.0 - Use-After-Free in audio_sample_entry_Read
CVSS 9.8
CVE-2020-5348 MEDIUM
Dell Latitude 7202 Rugged Tablet BIOS < A28 - Unauthenticated Use-After-Free in EFI_BOOT_SERVICES
CVSS 6.8
CVE-2020-9783 HIGH
iCloud < 10.9.3, iTunes < 12.10.5, Safari < 13.1, iPadOS < 13.4, iPhone OS < 13.4, tvOS < 13.4 - Use-After-Free
CVSS 8.8
CVE-2020-9768 HIGH
iPadOS < 13.4 - Use-After-Free
CVSS 7.8
CVE-2020-1712 HIGH
systemd < 245-rc1 - Use-After-Free via Asynchronous Polkit Queries
CVSS 7.8