CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,672 vulnerabilities with CWE-416
CVE-2017-11235 HIGH
Adobe Acrobat and Reader - Use-After-Free in JPEG Decompression
CVSS 8.8
CVE-2017-11232 MEDIUM
Adobe Acrobat and Reader < 11.0.20, 15.006.30306, 17.009.20058, 17.011.30066 - Use-After-Free via EMF Brush Manipulation
CVSS 6.5
CVE-2017-11231 HIGH
Adobe Acrobat and Reader < 11.0.20, 15.006.30306, 17.009.20058, 2017.008.30051, 2017.009.20058 - Use-After-Free
CVSS 8.8
CVE-2017-11224 HIGH
Adobe Acrobat and Reader < 11.0.20, 15.006.30306, 15.007.20033-17.009.20058, 17.011.30066 Use-After-Free
CVSS 8.8
CVE-2017-11223 HIGH
Adobe Acrobat and Reader - Use-After-Free in XFA Engine
CVSS 8.8
CVE-2017-11219 HIGH
Adobe Acrobat and Reader - Use-After-Free in XFA Rendering Engine
CVSS 8.8
CVE-2017-11218 HIGH
Adobe Acrobat and Reader < 11.0.20, 15.006.30306, 17.009.20058, 17.011.30066 - Use-After-Free in XFA Event Management
CVSS 8.8
CVE-2017-0727 HIGH
Android <7.1.2 - Privilege Escalation
CVSS 7.8
CVE-2017-12671 MEDIUM
ImageMagick 7.0.6-3 - Use-After-Free in PNG Coder
CVSS 6.5
CVE-2017-6420 MEDIUM
ClamAV 0.99.2 - Use-After-Free in wwunpack Function via Crafted PE File
CVSS 5.5
CVE-2017-12448 HIGH
GNU Binutils < 2.29 - Use-After-Free in BFD Archive Handling
CVSS 7.8
CVE-2017-12431 MEDIUM
ImageMagick <7.0.6-1 - Use After Free
CVSS 6.5
CVE-2017-9612 HIGH
Ghostscript GhostXPS <9.21 - Use After Free
CVSS 7.8
CVE-2017-11403 HIGH
GraphicsMagick 1.3.26 - Use-After-Free in ReadMNGImage Function
CVSS 8.8
CVE-2017-11337 MEDIUM
Exiv2 - Use-After-Free in Action::TaskFactory::cleanup
CVSS 6.5
CVE-2017-9789 HIGH
Apache httpd 2.4.26 - Memory Corruption
CVSS 7.5
CVE-2017-11176 HIGH
Linux Kernel <= 4.11.9 - Use-After-Free in mq_notify Netlink Socket Handling
CVSS 7.8
CVE-2017-11143 HIGH
PHP < 5.6.30 - Use-After-Free in WDDX Boolean Deserialization
CVSS 7.5
CVE-2017-11109 HIGH
Vim 8.0 - Use-After-Free via Crafted Source File
CVSS 7.8
CVE-2017-10966 CRITICAL
irssi < 1.0.3 - Use-After-Free in Nick List Update
CVSS 9.8
CVE-2017-10788 CRITICAL
DBD::mysql < 4.043 - Use-After-Free via MySQL Server Error Response
CVSS 9.8
CVE-2017-10686 HIGH
Netwide Assembler 2.14rc0 - Use-After-Free in Token Handling
CVSS 7.8
CVE-2017-10672 CRITICAL
XML-LibXML < 2.0129 - Use-After-Free via replaceChild Call
CVSS 9.8
CVE-2017-2491 HIGH
iPhone OS < 10.2.1 - Remote Code Execution via JavaScript String.replace Use-After-Free
CVSS 8.8
CVE-2017-9953 HIGH
Exiv2 0.26 - Use-After-Free in Image::printIFDStructure
CVSS 7.5
Details
Vulnerabilities 7,672
Exploit Likelihood High