CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,671 vulnerabilities with CWE-416
CVE-2017-5403 CRITICAL
Thunderbird < 52.0 - Use-After-Free via addRange
CVSS 9.8
CVE-2017-5402 CRITICAL
Debian Linux < 45.8.0 - Use After Free
CVSS 9.8
CVE-2017-5396 CRITICAL
Thunderbird <45.7, Firefox ESR <45.7, Firefox <51 - Use After Free
CVSS 9.8
CVE-2017-5380 CRITICAL
Thunderbird <45.7-Firefox <51. - Use After Free
CVSS 9.8
CVE-2017-5379 HIGH
Firefox < 51.0 - Use-After-Free in Web Animations
CVSS 7.5
CVE-2017-5376 CRITICAL
Thunderbird <45.7-Firefox <51 - Use After Free
CVSS 9.8
CVE-2017-18272 MEDIUM
ImageMagick 7.0.7-16-7.0.7-21 - Use-After-Free in ReadOneMNGImage
CVSS 6.5
CVE-2017-14458 HIGH
Foxit PDF Reader <8.3.2.25013 - Use After Free
CVSS 8.8
CVE-2017-18145 CRITICAL
Qualcomm MSM8909W and Snapdragon Firmware - Use-After-Free in DPM Native Process
CVSS 9.8
CVE-2017-18144 CRITICAL
Qualcomm MSM8909W and Snapdragon Firmware - Use-After-Free via WPA Supplicant Command Retransmission
CVSS 9.8
CVE-2017-18140 CRITICAL
Qualcomm MDM9206 and related firmware - Use-After-Free during Call Disconnection with eMBMS
CVSS 9.8
CVE-2017-18136 CRITICAL
Qualcomm MDM9206 and Snapdragon Firmware - Use-After-Free in OMX AAC Component
CVSS 9.8
CVE-2017-11011 CRITICAL
Qualcomm MDM9206/MDM9607/SD 210/212/205/425/430/450/625/820/835 Firmware - Use-After-Free in Communication API
CVSS 9.8
CVE-2017-1081 HIGH
FreeBSD < 11.0 - Denial of Service via IPFilter State Handling
CVSS 7.5
CVE-2017-13272 CRITICAL
Android 7.0-8.1 - Use-After-Free in alarm_ready_generic
CVSS 9.8
CVE-2017-13257 MEDIUM
Android 5.1.1-8.1 - Use-After-Free in bta_pan_data_buf_ind_cback
CVSS 6.5
CVE-2017-13278 HIGH
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 8.1 - Use-After-Free in MediaPlayerService
CVSS 7.8
CVE-2017-11075 HIGH
Qualcomm Android for MSM - Use-After-Free in wdsp_glink_write()
CVSS 7.8
CVE-2017-14881 CRITICAL
Android <2017-10-13 - Use After Free
CVSS 9.8
CVE-2017-14877 CRITICAL
Android IPA Driver - Use-After-Free via IOCTL Command Race Condition
CVSS 9.8
CVE-2017-14915 CRITICAL
Android <2018-01-05 - Use After Free
CVSS 9.8
CVE-2017-18066 HIGH
Android - Use-After-Free in msm_core_ioctl()
CVSS 7.8
CVE-2017-16749 HIGH
Delta Industrial Automation Screen Editor < 2.00.23.00 - Use-After-Free via Crafted .dpb File
CVSS 7.8
CVE-2017-18234 HIGH
exempi < 2.4.3 - Use-After-Free via JPEG Data in PDF Files
CVSS 7.8
CVE-2017-18220 HIGH
GraphicsMagick 1.3.26 - Use-After-Free in ReadOneJNGImage and ReadJNGImage
CVSS 8.8
Details
Vulnerabilities 7,671
Exploit Likelihood High