CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,672 vulnerabilities with CWE-416
CVE-2017-2438 HIGH
macOS < 10.12.4 - Use-After-Free in AppleRAID
CVSS 7.8
CVE-2017-7374 HIGH
Linux kernel < 4.10.7 - Use After Free
CVSS 7.8
CVE-2017-7191 CRITICAL
irssi < 1.0.1 - Use-After-Free in Netjoin Processing
CVSS 9.8
CVE-2017-7264 MEDIUM
Artifex MuPDF <1.10a - Use After Free
CVSS 5.3
CVE-2017-6966 MEDIUM
GNU Binutils <2.28 - Use After Free
CVSS 5.5
CVE-2017-0070 HIGH
Microsoft Edge - Remote Code Execution via Use-After-Free in Scripting Engine
CVSS 7.5
CVE-2017-3003 HIGH
Adobe Flash Player <= 24.0.0.221 - Use-After-Free via ActionScript 2 Camera Object
CVSS 8.8
CVE-2017-3002 HIGH
Adobe Flash Player <= 24.0.0.221 - Use-After-Free in ActionScript2 TextField Variable Property
CVSS 8.8
CVE-2017-3001 HIGH
Adobe Flash Player <= 24.0.0.221 - Use-After-Free in ActionScript 2 VM
CVSS 8.8
CVE-2017-6874 HIGH
Linux Kernel 4.9-4.9.15 - Use-After-Free via ucounts Race Condition
CVSS 7.0
CVE-2017-5194 HIGH
Irssi < 0.8.21 - Use-After-Free via Invalid Nick Message
CVSS 7.5
CVE-2017-6346 HIGH
Linux Kernel < 3.2.87 - Use-After-Free via PACKET_FANOUT Setsockopt Race Condition
CVSS 7.0
CVE-2017-5666 MEDIUM
mp3splt 2.6.2 - Denial of Service via Crafted File in free_options Function
CVSS 5.5
CVE-2017-6196 HIGH
afpl_ghostscript < 8452f9238959a4d518af365812bf031fe4d8d4b7 - Use-After-Free in gx_image_enum_begin
CVSS 7.8
CVE-2017-2360 HIGH
Apple <10.2.1, <10.12.3, <10.1.1, <3.1.3 - RCE/DoS
CVSS 7.8
CVE-2017-2353 HIGH
macOS < 10.12.3 - Use-After-Free in Bluetooth Component
CVSS 7.8
CVE-2017-5021 MEDIUM
Google Chrome <56.0.2924.76-56.0.2924.87 - Use After Free
CVSS 4.3
CVE-2017-5019 MEDIUM
Google Chrome <56.0.2924.76-56.0.2924.87 - Use After Free
CVSS 6.3
CVE-2017-5357 HIGH
GNU ed <1.14.1 - DoS
CVSS 7.5
CVE-2017-2994 HIGH
Adobe Flash Player <= 24.0.0.194 - Use-After-Free in Primetime SDK Event Dispatch
CVSS 8.8
CVE-2017-2993 HIGH
Adobe Flash Player < 24.0.0.194 - Use-After-Free via Event Handlers
CVSS 8.8
CVE-2017-2985 HIGH
Adobe Flash Player < 24.0.0.194 - Use-After-Free in ActionScript 3 BitmapData
CVSS 8.8
CVE-2017-2982 HIGH
Adobe Flash Player < 24.0.0.194 - Use-After-Free
CVSS 8.8
CVE-2017-3302 HIGH
Oracle MySQL < 5.6.21 and 5.7.x < 5.7.5 - Use-After-Free in libmysqlclient.so
CVSS 7.5
CVE-2017-5843 HIGH
GStreamer < 1.10.2 - Use-After-Free in Mini Object and Tag List Handling
CVSS 7.5
Details
Vulnerabilities 7,672
Exploit Likelihood High