CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,671 vulnerabilities with CWE-416
CVE-2018-5103 CRITICAL
Thunderbird <5.2.6 - Firefox <5.8 - Use After Free
CVSS 9.8
CVE-2018-5102 CRITICAL
Thunderbird <5.2.6 - Firefox <5.8 - Use After Free
CVSS 9.8
CVE-2018-5101 HIGH
Firefox < 58 - Use-After-Free via First-Letter Style Manipulation
CVSS 7.5
CVE-2018-5100 HIGH
Firefox < 58 - Use-After-Free in IsPotentiallyScrollable
CVSS 7.5
CVE-2018-5099 CRITICAL
Thunderbird < 52.6, Firefox ESR < 52.6, Firefox < 58 - Use After Free
CVSS 9.8
CVE-2018-5098 CRITICAL
Thunderbird < 52.6, Firefox ESR < 52.6, Firefox < 58 - Use After Free
CVSS 9.8
CVE-2018-5097 CRITICAL
Thunderbird <52.6-Firefox <58 - Use After Free
CVSS 9.8
CVE-2018-5096 CRITICAL
Firefox ESR < 52.6 - Use After Free
CVSS 9.8
CVE-2018-5092 CRITICAL
Firefox < 58 - Use-After-Free in Web Worker Fetch Cancellation
CVSS 9.8
CVE-2018-5091 CRITICAL
Firefox <58 - Use After Free
CVSS 9.8
CVE-2018-4218 HIGH
Safari < 11.1.1 - Remote Code Execution via WebKit @generatorState Use-After-Free
CVSS 8.8
CVE-2018-4200 HIGH
Safari < 11.1 - Remote Code Execution via WebCore::jsElementScrollHeightGetter Use-After-Free
CVSS 8.8
CVE-2018-5846 HIGH
Android - Use-After-Free in IPA Driver via IOCTL Handling
CVSS 7.8
CVE-2018-5845 HIGH
Android - Use-After-Free via Race Condition in drm_atomic_nonblocking_commit()
CVSS 7.0
CVE-2018-3853 HIGH
Foxit Reader 9.0.1.1049 - Use-After-Free via JavaScript Engine
CVSS 8.8
CVE-2018-11624 HIGH
ImageMagick 7.0.7-36 Q16 - Use-After-Free in ReadMATImage Function
CVSS 8.8
CVE-2018-11516 HIGH
VLC media player - Use-After-Free via Crafted SWF File
CVSS 8.8
CVE-2018-11499 CRITICAL
libsass 3.4.0-3.5.4 - Use-After-Free in handle_error()
CVSS 9.8
CVE-2018-11496 MEDIUM
Long Range Zip 0.631 - Use-After-Free in Stream Decompression
CVSS 6.5
CVE-2018-11412 MEDIUM
Linux Kernel 4.13-4.16.11 - Use-After-Free in ext4_read_inline_data
CVSS 5.9
CVE-2018-1000039 MEDIUM
Artifex MuPDF < 1.12.0 - Use-After-Free in PDF Parser
CVSS 6.3
CVE-2018-11410 CRITICAL
liblouis 3.5.0 - Use-After-Free in compileRule
CVSS 9.8
CVE-2018-11358 HIGH
Wireshark 2.2.0-2.2.14, 2.4.0-2.4.6, 2.6.0 - Use-After-Free in Q.931 Dissector
CVSS 7.5
CVE-2018-4932 HIGH
Adobe Flash Player < 29.0.0.113 - Use-After-Free
CVSS 8.8
CVE-2018-4919 HIGH
Adobe Flash Player < 28.0.0.161 - Use-After-Free
CVSS 8.8
Details
Vulnerabilities 7,671
Exploit Likelihood High