CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,670 vulnerabilities with CWE-416
CVE-2018-6086 HIGH
Google Chrome <66.0.3359.117 - Use After Free
CVSS 8.8
CVE-2018-6085 HIGH
Google Chrome < 66.0.3359.117 - Remote Code Execution via Networking Disk Cache Destructor Re-entry
CVSS 8.8
CVE-2018-19827 HIGH
libsass 3.5.5 - Use-After-Free in SharedPtr
CVSS 8.8
CVE-2018-19824 HIGH
Linux kernel <4.19.6 - Use After Free
CVSS 7.8
CVE-2018-16841 MEDIUM
Samba 4.3.0-4.7.11 - Denial of Service via Smart-Card Authentication Double Free
CVSS 6.5
CVE-2018-5919 HIGH
Android - Use-After-Free in WLAN Host Driver
CVSS 7.8
CVE-2018-5904 HIGH
Android - Use-After-Free in LPM Status Driver
CVSS 7.8
CVE-2018-5856 HIGH
Android - Use-After-Free in Audio Component
CVSS 7.8
CVE-2018-11261 HIGH
Android - Use-After-Free in Media Codec Process
CVSS 7.8
CVE-2018-6072 HIGH
Google Chrome <65.0.3325.146 - Use After Free
CVSS 8.8
CVE-2018-6060 HIGH
Google Chrome <65.0.3325.146 - Use After Free
CVSS 8.8
CVE-2018-17474 HIGH
Google Chrome <70.0.3538.67 - Use After Free
CVSS 8.8
CVE-2018-17465 HIGH
Google Chrome <70.0.3538.67 - Info Disclosure
CVSS 8.8
CVE-2018-17462 CRITICAL
Google Chrome <70.0.3538.67 - Code Injection
CVSS 9.6
CVE-2018-8544 HIGH
Windows VBScript Engine - Remote Code Execution via Use-After-Free
CVSS 8.8
CVE-2018-19216 HIGH
Netwide Assembler <2.13.02 - Use After Free
CVSS 7.8
CVE-2018-9465 HIGH
Android - Use-After-Free in Binder Task FD Flags Handling
CVSS 7.8
CVE-2018-9422 HIGH
Android - Use-After-Free in futex.c
CVSS 7.8
CVE-2018-17909 HIGH
Omron CX-Supervisor <3.4.1.0 - Use After Free
CVSS 7.8
CVE-2018-16840 CRITICAL
curl 7.59.0-7.61.1 - Use-After-Free in Easy Handle Cleanup
CVSS 9.8
CVE-2018-17624 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via OCG Object Handling
CVSS 8.8
CVE-2018-17623 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Link Object Use-After-Free
CVSS 8.8
CVE-2018-17621 HIGH
Foxit Reader < 9.1.0.5096 - Remote Code Execution via Format Event Handling
CVSS 8.8
CVE-2018-17620 HIGH
Foxit PhantomPDF and Reader < 9.2.0.9297 - Remote Code Execution via Calculate Event Handling
CVSS 8.8
CVE-2018-17619 HIGH
Foxit Reader < 9.1.0.5096 - Remote Code Execution via Validate Event Handling
CVSS 8.8
Details
Vulnerabilities 7,670
Exploit Likelihood High