CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,672 vulnerabilities with CWE-416
CVE-2017-14528 MEDIUM
ImageMagick 7.0.6 - Use-After-Free in TIFFSetProfiles
CVSS 6.5
CVE-2017-12133 MEDIUM
GNU C Library <2.26 - Use After Free
CVSS 5.9
CVE-2017-2821 HIGH
Lexmark Perceptive Document Filters 11.3.0.2400 and 11.4.0.2452 - Use-After-Free in PDF Parser
CVSS 8.8
CVE-2017-2808 HIGH
Ledger-CLI 3.1.1 - Use-After-Free in Account Parsing Component
CVSS 7.5
CVE-2017-14103 HIGH
GraphicsMagick 1.3.26 - Use After Free
CVSS 8.8
CVE-2017-13711 HIGH
QEMU < 2.10.1 - Use-After-Free in slirp/socket.c sofree Function
CVSS 7.5
CVE-2017-13741 MEDIUM
Liblouis 3.2.0 - Use-After-Free in compileBrailleIndicator
CVSS 6.5
CVE-2017-13737 MEDIUM
GraphicsMagick 1.3.26 - Use-After-Free in MagickFree
CVSS 6.5
CVE-2017-12877 MEDIUM
ImageMagick < 6.9.9-6 - Use-After-Free in DestroyImage Function
CVSS 6.5
CVE-2017-10661 HIGH
Linux Kernel < 4.10.15 - Use-After-Free via Timerfd Race Condition
CVSS 7.0
CVE-2017-9685 HIGH
Qualcomm Android - Use After Free
CVSS 8.1
CVE-2017-9684 HIGH
Qualcomm Android USB Driver - Use-After-Free via Race Condition
CVSS 7.0
CVE-2017-7364 CRITICAL
Qualcomm Android CAF - Use-After-Free in __mdss_fb_copy_destscaler_data
CVSS 9.8
CVE-2017-8270 HIGH
Qualcomm Android Driver - Use-After-Free via Race Condition
CVSS 7.0
CVE-2017-8266 HIGH
Qualcomm Android Video Driver - Use-After-Free via Race Condition
CVSS 7.0
CVE-2017-8262 HIGH
Qualcomm Android CAF - Use-After-Free via Memory Allocation Race Condition
CVSS 7.0
CVE-2017-12936 HIGH
GraphicsMagick 1.3.26 - Use-After-Free in ReadWMFImage
CVSS 8.8
CVE-2017-12934 HIGH
PHP 7.0.x < 7.0.21 and 7.1.x < 7.1.7 - Use-After-Free in Unserialization
CVSS 7.5
CVE-2017-12932 CRITICAL
PHP 7.0.x-7.0.22 and 7.1.x-7.1.8 - Use-After-Free in Unserializer
CVSS 9.8
CVE-2017-3120 HIGH
Adobe Acrobat and Reader < 11.0.21, 15.006.30355, 17.012.20098 - Use-After-Free in XFA Parsing Engine
CVSS 8.8
CVE-2017-3113 HIGH
Adobe Acrobat and Reader < 11.0.21, 15.006.30355, 17.012.20098 - Use-After-Free via JavaScript Large String Handling
CVSS 8.8
CVE-2017-11279 HIGH
Adobe Digital Editions <= 4.5.4 - Use-After-Free
CVSS 7.5
CVE-2017-11274 CRITICAL
Adobe Digital Editions <= 4.5.4 - Use-After-Free
CVSS 9.8
CVE-2017-11256 HIGH
Adobe Acrobat and Reader - Use-After-Free in XFA Layout Engine
CVSS 8.8
CVE-2017-11254 HIGH
Adobe Acrobat and Reader - Use-After-Free in JavaScript Engine
CVSS 8.8
Details
Vulnerabilities 7,672
Exploit Likelihood High