CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,671 vulnerabilities with CWE-416
CVE-2018-8964 MEDIUM
libming 0.4.8 - Use-After-Free in decompileDELETE
CVSS 6.5
CVE-2018-8963 MEDIUM
libming 0.4.8 - Use-After-Free in decompileGETVARIABLE
CVSS 6.5
CVE-2018-8962 MEDIUM
libming 0.4.8 - Use-After-Free in decompileSingleArgBuiltInFunctionCall
CVSS 6.5
CVE-2018-8961 MEDIUM
libming 0.4.8 - Use-After-Free in decompilePUSHPARAM
CVSS 6.5
CVE-2018-7521 MEDIUM
Omron CX-Supervisor <= 3.30 - Use-After-Free in Project File Parser
CVSS 5.3
CVE-2018-8807 MEDIUM
libming 0.4.8 - Use-After-Free in decompileCALLFUNCTION
CVSS 6.5
CVE-2018-8806 MEDIUM
libming 0.4.8 - Use-After-Free in decompileArithmeticOp via Crafted SWF File
CVSS 6.5
CVE-2018-3561 HIGH
Android - Use-After-Free via Race Condition in diag_ioctl_lsm_deinit()
CVSS 7.0
CVE-2018-0935 HIGH
Internet Explorer - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2018-6916 CRITICAL
FreeBSD < 11.1 - Use-After-Free in IPsec AH Handling
CVSS 9.8
CVE-2018-0491 HIGH
Tor 0.3.2.0-0.3.2.9 - Use-After-Free in KIST Pending List
CVSS 7.5
CVE-2018-7554 CRITICAL
sam2p 0.49.4 - Use-After-Free in ReadImage
CVSS 9.8
CVE-2018-7551 CRITICAL
sam2p 0.49.4 - Use-After-Free in MiniPS::delete0
CVSS 9.8
CVE-2018-6641 CRITICAL
MathType 6.9c - Use-After-Free
CVSS 9.8
CVE-2018-4913 HIGH
Adobe Acrobat/Reader <17.011.30070/<18.009.20050/<15.006.30394 XFA Engine Use-After-Free
CVSS 8.8
CVE-2018-4911 HIGH
Adobe Acrobat and Reader < 17.011.30070, < 18.009.20050, < 15.006.30394 - Use-After-Free via JavaScript Bookmark API
CVSS 8.8
CVE-2018-4902 HIGH
Adobe Acrobat and Reader Use-After-Free via Crafted PDF with Video Annotation
CVSS 8.8
CVE-2018-4892 HIGH
Adobe Acrobat and Reader < 17.011.30070, < 18.009.20050, < 15.006.30394 - Use-After-Free in JBIG2 Decoder
CVSS 8.8
CVE-2018-4888 HIGH
Adobe Acrobat and Reader < 17.011.30070, < 18.009.20050, < 15.006.30394 - Use-After-Free in XFA Engine
CVSS 8.8
CVE-2018-7249 HIGH
Microsoft Windows Vista, 7, 8, 8.1 - Use-After-Free via secdrv.sys IOCTL Race Condition
CVSS 7.0
CVE-2018-1166 HIGH
Joyent SmartOS release-20170803-20170803T064301Z - Privilege Escalation via SMBIOC_TREE_RELE ioctl
CVSS 7.8
CVE-2018-7054 CRITICAL
Irssi < 1.0.7 and 1.1.x < 1.1.1 - Use-After-Free during Netsplit Server Disconnection
CVSS 9.8
CVE-2018-7053 CRITICAL
irssi < 1.0.7 and 1.1.x < 1.1.1 - Use-After-Free via SASL Message Handling
CVSS 9.8
CVE-2018-1000051 HIGH
Artifex Mupdf 1.12.0 - Use After Free
CVSS 7.8
CVE-2018-1000030 LOW
Python < 2.7.14 - Heap-Buffer-Overflow and Use-After-Free via Race Condition
CVSS 3.6
Details
Vulnerabilities 7,671
Exploit Likelihood High