CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,672 vulnerabilities with CWE-416
CVE-2017-14746 CRITICAL
Samba 4.0.0-4.5.0 - Remote Code Execution via SMB1 Request
CVSS 9.8
CVE-2017-16943 CRITICAL
Exim 4.88-4.89 - Remote Code Execution via BDAT Command Use-After-Free
CVSS 9.8
CVE-2017-16939 HIGH
Linux kernel <4.13.11 - Privilege Escalation/DoS
CVSS 7.8
CVE-2017-8203 HIGH
Huawei Nova 2 and Nova 2 Plus Firmware < BAC-AL00C00B173, < PIC-AL00C00B173 - Use-After-Free in Bastet Driver
CVSS 7.8
CVE-2017-8160 HIGH
Huawei Vicky and Victoria Smartphones - Use-After-Free in Madapt Driver
CVSS 7.8
CVE-2017-8142 HIGH
Huawei Mate 9 and Mate 9 Pro Firmware < MHA-AL00BC00B221, < LON-AL00BC00B221 - Use-After-Free in TEE Module Driver
CVSS 7.8
CVE-2017-1000211 MEDIUM
Lynx < 2.8.9dev.16 - Use-After-Free in HTML Parser
CVSS 5.3
CVE-2017-1000172 CRITICAL
Creolabs Gravity 1.0 - Use After Free
CVSS 9.8
CVE-2017-0861 HIGH
Android - Use-After-Free in ALSA Subsystem snd_pcm_info Function
CVSS 7.8
CVE-2017-11092 HIGH
Android for MSM - Use-After-Free in KGSL Driver GPU Command Handler
CVSS 7.8
CVE-2017-11091 HIGH
Android for MSM - Use-After-Free in mdss_rotator_ioctl Function
CVSS 7.8
CVE-2017-11024 HIGH
Android for MSM - Use-After-Free in rmnet USB Control Driver
CVSS 7.8
CVE-2017-15115 HIGH
Linux kernel < 4.14 - Use-After-Free in SCTP Peel-Off Action
CVSS 7.8
CVE-2017-15271 MEDIUM
PSFTPd 10.0.4 Build 729 - Unauthenticated Use-After-Free via Crafted SSH Identification String
CVSS 5.9
CVE-2017-12780 MEDIUM
libebml2 < 2012-08-26 - Use-After-Free in ReadData Function
CVSS 6.5
CVE-2017-16648 MEDIUM
Linux Kernel < 4.13.11 - Use-After-Free in DVB Frontend USB Device Handling
CVSS 6.6
CVE-2017-2922 CRITICAL
Cesanta Mongoose 6.8 - Use-After-Free via WebSocket Packet
CVSS 9.8
CVE-2017-2891 CRITICAL
Cesanta Mongoose 6.8 - Use-After-Free via HTTP POST Request with CGI Target
CVSS 9.8
CVE-2017-16528 MEDIUM
Linux kernel <4.13.4 - Use After Free
CVSS 6.6
CVE-2017-16527 MEDIUM
Linux Kernel < 4.13.8 - Use-After-Free in USB Mixer Interrupt Handler
CVSS 6.6
CVE-2017-16525 MEDIUM
Linux Kernel < 4.13.8 - Use-After-Free in USB Serial Console Disconnect
CVSS 6.6
CVE-2017-10948 HIGH
Foxit Reader 8.2.1.6871 - Remote Code Execution via app.execMenuItem Use-After-Free
CVSS 8.8
CVE-2017-10947 HIGH
Foxit Reader 8.2.1.6871 - Use-After-Free in Print Function
CVSS 8.8
CVE-2017-10946 HIGH
Foxit Reader 8.2.1.6871 - Remote Code Execution via setItem Use-After-Free
CVSS 8.8
CVE-2017-10945 HIGH
Foxit Reader 8.3.0.14878 - Remote Code Execution via app.alert Use-After-Free
CVSS 8.8
Details
Vulnerabilities 7,672
Exploit Likelihood High