CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,672 vulnerabilities with CWE-416
CVE-2017-0428 HIGH
Android Kernel-3.10 - Use-After-Free in NVIDIA GPU Driver
CVSS 7.8
CVE-2017-2584 HIGH
Linux Kernel < 4.9.3 - Use-After-Free and Information Disclosure via Instruction Emulation
CVSS 7.1
CVE-2017-2961 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Use-After-Free in XFA Engine
CVSS 7.8
CVE-2017-2958 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Use-After-Free in JavaScript Engine
CVSS 7.8
CVE-2017-2957 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Use-After-Free in JavaScript Engine
CVSS 7.8
CVE-2017-2956 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Use-After-Free in JavaScript Engine
CVSS 7.8
CVE-2017-2955 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Use-After-Free in JavaScript Engine
CVSS 7.8
CVE-2017-2951 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Use-After-Free in XFA Sub-Form Handling
CVSS 7.8
CVE-2017-2950 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Use-After-Free in XFA Engine Layout
CVSS 7.8
CVE-2017-2937 HIGH
Adobe Flash Player < 24.0.0.186 - Use-After-Free in ActionScript FileReference Class
CVSS 8.8
CVE-2017-2936 HIGH
Adobe Flash Player < 24.0.0.186 - Use-After-Free in ActionScript FileReference
CVSS 8.8
CVE-2017-2932 HIGH
Adobe Flash Player < 24.0.0.186 - Use-After-Free in ActionScript MovieClip
CVSS 8.8
CVE-2016-4761 HIGH
WebKitGTK+ < 2.14.0 - Use-After-Free
CVSS 8.8
CVE-2016-1000006 CRITICAL
hhvm < 3.12.11 - Use-After-Free in serialize_memoize_param and ResourceBundle
CVSS 9.8
CVE-2016-10906 HIGH
Linux Kernel < 4.5 - Use-After-Free via Race Condition in arc_emac_tx and arc_emac_tx_clean
CVSS 7.0
CVE-2016-10905 HIGH
Linux Kernel < 4.8 - Use-After-Free in GFS2 Resource Group Handling
CVSS 7.8
CVE-2016-1573 HIGH
Unity8 <8.11+16.04.20160122-0ubuntu1 - Code Injection
CVSS 7.8
CVE-2016-9069 HIGH
Firefox < 50.0 - Use-After-Free in nsINode::ReplaceOrInsertBefore
CVSS 7.8
CVE-2016-8623 LOW
curl < 7.51.0 - Use-After-Free in Cookie Handling
CVSS 3.3
CVE-2016-8619 MEDIUM
curl < 7.51.0 - Use-After-Free in read_data()
CVSS 5.3
CVE-2016-8618 MEDIUM
curl < 7.51.0 - Use-After-Free via Unsafe size_t Multiplication in curl_maprintf()
CVSS 5.3
CVE-2016-9899 CRITICAL
Debian Linux < 52.1.0 - Use After Free
CVSS 9.8
CVE-2016-9898 CRITICAL
Debian Linux < 45.6.0 - Use After Free
CVSS 9.8
CVE-2016-9896 HIGH
Firefox < 50.1.0 - Use-After-Free in WebVR Navigator Object
CVSS 8.1
CVE-2016-9079 HIGH KEV
SVG Animation - Use After Free
CVSS 7.5
Details
Vulnerabilities 7,672
Exploit Likelihood High