CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,671 vulnerabilities with CWE-416
CVE-2018-11130 HIGH
vcftools 0.1.15 - Use-After-Free in header::add_FORMAT_descriptor
CVSS 7.8
CVE-2018-11129 HIGH
vcftools 0.1.15 - Use-After-Free in header::add_INFO_descriptor
CVSS 7.8
CVE-2018-9977 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via U3D Modifier Chain Parsing
CVSS 8.8
CVE-2018-9975 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Use-After-Free via Shift Event Handling
CVSS 8.8
CVE-2018-9970 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via XFA Button execEvent Method
CVSS 8.8
CVE-2018-9969 HIGH
Foxit Reader < 9.0.1.1049 - Remote Code Execution via XFA boundItem Method Use-After-Free
CVSS 8.8
CVE-2018-9968 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via Keystroke Action Handling
CVSS 8.8
CVE-2018-9967 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via TextBox Format Action Use-After-Free
CVSS 8.8
CVE-2018-9966 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via TextBox Calculate Action Use-After-Free
CVSS 8.8
CVE-2018-9965 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via Link Object setAction Method
CVSS 8.8
CVE-2018-9964 HIGH
Foxit Reader < 9.0.1.1049 - Remote Code Execution via OCG Name Attribute Parsing
CVSS 8.8
CVE-2018-9962 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via Annotation Author Attribute Parsing
CVSS 8.8
CVE-2018-9961 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Use-After-Free in Rect Field Attribute Parsing
CVSS 8.8
CVE-2018-9960 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via TextColor Field Attribute Parsing
CVSS 8.8
CVE-2018-9959 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via PageNum Attribute Use-After-Free
CVSS 8.8
CVE-2018-9958 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via Text Annotation Point Attribute
CVSS 8.8
CVE-2018-9957 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via XFA Button resetData Method
CVSS 8.8
CVE-2018-9956 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via XFA Button Element Handling
CVSS 8.8
CVE-2018-9955 HIGH
Foxit Reader < 9.0.1.1049 - Remote Code Execution via XFA resolveNode Method
CVSS 8.8
CVE-2018-9954 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via XFA Button Element Handling
CVSS 8.8
CVE-2018-9953 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via XFA Button Element Use-After-Free
CVSS 8.8
CVE-2018-9952 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via XFA Button Element Handling
CVSS 8.8
CVE-2018-9951 HIGH
Foxit Reader < 9.0.1.1049 - Remote Code Execution via CPDF_Object Use-After-Free
CVSS 8.8
CVE-2018-9946 MEDIUM
Foxit Reader and PhantomPDF < 9.0.1.1049 - Exposure of Sensitive Information via setTimeOut Method
CVSS 6.5
CVE-2018-9945 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via getField Method Use-After-Free
CVSS 8.8
Details
Vulnerabilities 7,671
Exploit Likelihood High