CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,670 vulnerabilities with CWE-416
CVE-2019-6984 MEDIUM
Foxit 3D Plugin Beta <9.4.0.16807 - Memory Corruption
CVSS 6.5
CVE-2019-6719 HIGH
libiec61850 1.3.1 - Use-After-Free in getState Function
CVSS 7.5
CVE-2019-6706 HIGH
Lua 5.3.5 - Use-After-Free in lua_upvaluejoin
CVSS 7.5
CVE-2019-5882 CRITICAL
irssi 1.1.0-1.1.1 - Use-After-Free in Scroll Buffer Hidden Line Expiration
CVSS 9.8
CVE-2019-5721 MEDIUM
Wireshark 2.4.0-2.4.11 - Use-After-Free in ENIP Dissector
CVSS 5.5
CVE-2019-0570 HIGH
Windows Runtime - Privilege Escalation
CVSS 7.8
CVE-2018-9439 MEDIUM
Android - Use-After-Free in af_packet.c
CVSS 6.7
CVE-2018-11816 HIGH
Qualcomm 9206 LTE Modem Firmware - Use-After-Free via Crafted Binder Request
CVSS 7.8
CVE-2018-9483 MEDIUM
Android - Out-of-Bounds Read in bta_dm_remove_sec_dev_entry
CVSS 6.5
CVE-2018-9428 HIGH
Android - Use-After-Free in AAudioServiceStreamBase.cpp
CVSS 7.8
CVE-2018-9417 HIGH
Android - Use-After-Free in f_hid.c
CVSS 7.8
CVE-2018-9344 HIGH
Android - Use-After-Free in DescramblerImpl.cpp
CVSS 7.8
CVE-2018-25028 HIGH
libpulse-binding <1.2.1 - Use After Free
CVSS 7.5
CVE-2018-25027 HIGH
libpulse-binding <1.2.1 - Use After Free
CVSS 7.5
CVE-2018-25015 HIGH
Linux Kernel < 4.14.16 - Use-After-Free in SCTP Socket Peel Off
CVSS 7.8
CVE-2018-25001 MEDIUM
libpulse-binding < 2.5.0 - Use-After-Free in proplist::Iterator
CVSS 6.5
CVE-2018-10756 HIGH
Transmission < 3.00 - Use-After-Free via Crafted Torrent File
CVSS 7.8
CVE-2018-21040 HIGH
Samsung Android O(8.x) and P(9.0) - Use-After-Free via g2d Driver Race Condition
CVSS 8.1
CVE-2018-21085 HIGH
Android L(5.x)-N(7.x) - Use-After-Free via Race Condition in vnswap_deinit_backing_storage
CVSS 8.1
CVE-2018-21084 HIGH
Android L(5.1) M(6.0) N(7.x) - Race Condition Read-After-Free in get_kek
CVSS 8.1
CVE-2018-1311 HIGH
Apache Xerces-C++ 3.0.0-3.2.3 - Use-After-Free in External DTD Scanning
CVSS 8.1
CVE-2018-21008 MEDIUM
Linux Kernel < 4.16.7 - Use-After-Free in rsi_mac80211_detach
CVSS 5.5
CVE-2018-20997 CRITICAL
rust-openssl < 0.10.9 - Use-After-Free in CMS Signing
CVSS 9.8
CVE-2018-20976 HIGH
Linux Kernel < 4.18 - Use-After-Free in xfs_fs_fill_super
CVSS 7.8
CVE-2018-20856 HIGH
Linux Kernel < 4.18.7 - Use-After-Free in Block Core Queue Drain
CVSS 7.8
Details
Vulnerabilities 7,670
Exploit Likelihood High