CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,672 vulnerabilities with CWE-416
CVE-2017-3084 CRITICAL
Adobe Flash Player <= 25.0.0.171 - Use-After-Free in Advertising Metadata Functionality
CVSS 9.8
CVE-2017-3083 CRITICAL
Adobe Flash Player <= 25.0.0.171 - Use-After-Free in Primetime SDK Profile Metadata
CVSS 9.8
CVE-2017-3081 CRITICAL
Adobe Flash Player <= 25.0.0.171 - Use-After-Free via Display Object Mask Manipulation
CVSS 9.8
CVE-2017-3075 CRITICAL
Adobe Flash Player <= 25.0.0.171 - Use-After-Free in ActionScript 2 XML Class
CVSS 9.8
CVE-2017-9762 MEDIUM
radare2 1.5.0 - Use-After-Free in cmd_info Function
CVSS 5.5
CVE-2017-7371 HIGH
Android - Use-After-Free in SLIMbus Bluetooth Shutdown
CVSS 7.8
CVE-2017-7370 HIGH
Android - Use-After-Free in Video Driver
CVSS 7.0
CVE-2017-9527 HIGH
mruby < 1.2.0 - Use-After-Free in GC Mark Context Stack
CVSS 7.8
CVE-2017-9520 MEDIUM
radare2 1.5.0 - Use-After-Free via Crafted DEX File
CVSS 5.5
CVE-2017-7295 HIGH
Contiki Operating System 3.0 - Use After Free
CVSS 7.5
CVE-2017-2823 HIGH
PowerISO 6.8 - Use-After-Free in ISO File Parser
CVSS 7.8
CVE-2017-9190 HIGH
AutoTrace 0.31.1 - Use-After-Free in free_bitmap
CVSS 7.5
CVE-2017-9182 HIGH
AutoTrace 0.31.1 - Use-After-Free in GET_COLOR Function
CVSS 7.5
CVE-2017-2518 CRITICAL
iPhone OS < 10.3.2, macOS < 10.12.5, tvOS < 10.2.1, watchOS < 3.2.2 - RCE via Crafted SQL Statement
CVSS 9.8
CVE-2017-2513 CRITICAL
iPhone OS < 10.3.2, macOS < 10.12.5, tvOS < 10.2.1, watchOS < 3.2.2 - RCE via SQLite
CVSS 9.8
CVE-2017-8929 HIGH
YARA 3.5.0 - Use-After-Free in sized_string_cmp
CVSS 7.5
CVE-2017-7487 HIGH
Linux kernel <4.11.1 - Use After Free
CVSS 7.8
CVE-2017-8246 HIGH
Android - Use-After-Free in ALSA PCM Playback Kernel Module
CVSS 7.8
CVE-2017-0263 HIGH KEV
Microsoft Windows - Use-After-Free in Kernel-Mode Drivers
CVSS 7.8
CVE-2017-0261 HIGH KEV
Microsoft Office 2010 SP2, 2013 SP1, 2016 - Remote Code Execution via Use-After-Free
CVSS 7.8
CVE-2017-8895 CRITICAL
Veritas Backup Exec <16 FP1 - Use After Free
CVSS 9.8
CVE-2017-7698 HIGH
swftools < 0.9.2 - Remote Code Execution via Malformed PDF Document
CVSS 7.8
CVE-2017-3073 HIGH
Adobe Flash Player < 25.0.0.148 - Use-After-Free via Display Object Mask Properties
CVSS 8.8
CVE-2017-3071 HIGH
Adobe Flash Player < 25.0.0.148 - Use-After-Free via Display Object Masking
CVSS 8.8
CVE-2017-8846 MEDIUM
long_range_zip 0.631 - Use-After-Free in read_stream Function
CVSS 5.5
Details
Vulnerabilities 7,672
Exploit Likelihood High