CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,670 vulnerabilities with CWE-416
CVE-2018-20538 MEDIUM
Netwide Assembler 2.14rc16 - Use-After-Free in pp_getline
CVSS 5.5
CVE-2018-20535 MEDIUM
Netwide Assembler 2.14rc16 - Use-After-Free in pp_getline
CVSS 5.5
CVE-2018-1000878 HIGH
libarchive <v3.1.0 - Use After Free
CVSS 8.8
CVE-2018-11988 HIGH
Android - Use-After-Free via Un-trusted Pointer Dereference
CVSS 7.8
CVE-2018-11984 HIGH
Android - Use-After-Free in DIAG Driver
CVSS 7.8
CVE-2018-11983 HIGH
Android - Use-After-Free in Kernel Mask Table Handling
CVSS 7.8
CVE-2018-11960 HIGH
Android - Use-After-Free in SPS Driver
CVSS 7.8
CVE-2018-6307 HIGH
LibVNC < 0.9.12 - Use-After-Free in File Transfer Extension
CVSS 8.1
CVE-2018-15126 CRITICAL
LibVNC <73cb96fec028a576a5a24417b57723b55854ad7b - Use After Free
CVSS 9.8
CVE-2018-16884 HIGH
Linux Kernel 3.7-3.16.64 - Use-After-Free in NFS41+ Back-Channel ID Handling
CVSS 8.0
CVE-2018-19364 MEDIUM
QEMU < 3.0.0 - Use-After-Free in 9pfs fid Path Handling
CVSS 5.5
CVE-2018-8625 HIGH
Internet Explorer 9, 10, 11 - Remote Code Execution via VBScript Engine Use-After-Free
CVSS 7.5
CVE-2018-6703 CRITICAL
McAfee Agent 5.0.0-5.5.x - Unauthenticated Use-After-Free in Remote Logging via HTTP Header
CVSS 9.8
CVE-2018-18356 HIGH
Google Chrome < 71.0.3578.80 - Use-After-Free via Skia Path Handling
CVSS 8.8
CVE-2018-18343 HIGH
Google Chrome < 71.0.3578.80 - Use-After-Free in Skia via Crafted HTML Page
CVSS 8.8
CVE-2018-18340 HIGH
Google Chrome < 71.0.3578.80 - Use-After-Free in MediaRecorder
CVSS 8.8
CVE-2018-18339 HIGH
Chrome < 71.0.3578.80 - Use-After-Free in WebAudio
CVSS 8.8
CVE-2018-18337 HIGH
Google Chrome < 71.0.3578.80 - Use-After-Free in Blink Stylesheet Handling
CVSS 8.8
CVE-2018-18336 HIGH
Google Chrome < 71.0.3578.80 - Use-After-Free in PDFium via Crafted PDF File
CVSS 8.8
CVE-2018-17481 HIGH
Google Chrome <71.0.3578.98 - Heap Corruption
CVSS 8.8
CVE-2018-20005 MEDIUM
Mini-XML 2.12 - Use-After-Free in mxmlWalkNext
CVSS 5.5
CVE-2018-9517 MEDIUM
Android - Use-After-Free in pppol2tp_connect
CVSS 6.7
CVE-2018-19876 MEDIUM
cairo 1.16.0 - Use-After-Free in cairo_ft_apply_variations
CVSS 6.5
CVE-2018-18989 HIGH
CX-One < 4.42, CX-Programmer < 9.66, CX-Server < 5.0.23 - Use-After-Free in Project File Processing
CVSS 7.8
CVE-2018-6087 HIGH
Google Chrome <66.0.3359.117 - Use After Free
CVSS 8.8
Details
Vulnerabilities 7,670
Exploit Likelihood High