CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,672 vulnerabilities with CWE-416
CVE-2016-10150 CRITICAL
Linux Kernel <4.8.13 - Use After Free
CVSS 9.8
CVE-2016-6082 CRITICAL
IBM BigFix Platform - Use After Free
CVSS 10.0
CVE-2016-5824 MEDIUM
libical 1.0 - Use-After-Free via Crafted ICS File
CVSS 5.5
CVE-2016-5823 MEDIUM
libical 0.47 and 1.0 - Use-After-Free via Crafted ICS File
CVSS 5.5
CVE-2016-9401 MEDIUM
GNU Bash < 4.4 - Use-After-Free via popd
CVSS 5.5
CVE-2016-3177 CRITICAL
giflib 5.1.2 - Use-After-Free and Double Free in gifcolor.c
CVSS 9.8
CVE-2016-5219 MEDIUM
Google Chrome < 55.0.2883.75 - Use-After-Free in V8 via Crafted HTML Page
CVSS 6.3
CVE-2016-5216 MEDIUM
Google Chrome < 55.0.2883.75 - Use-After-Free in PDFium via Crafted PDF File
CVSS 6.3
CVE-2016-5215 MEDIUM
Google Chrome < 55.0.2883.75 - Use-After-Free in WebAudio
CVSS 6.3
CVE-2016-5213 HIGH
Google Chrome < 55.0.2883.75 - Use-After-Free in V8
CVSS 8.8
CVE-2016-5211 HIGH
Google Chrome < 55.0.2883.75 - Use-After-Free in PDFium via Crafted PDF File
CVSS 8.8
CVE-2016-5203 HIGH
Google Chrome < 55.0.2883.75 - Use-After-Free in PDFium via Crafted PDF File
CVSS 8.8
CVE-2016-9678 CRITICAL
Citrix Provisioning Services - Use-After-Free
CVSS 9.8
CVE-2016-9584 CRITICAL
libical < 2.0 - Use-After-Free via Crafted ICS File
CVSS 9.1
CVE-2016-9279 HIGH
Samsung Exynos fimg2d Driver - Use-After-Free
CVSS 7.5
CVE-2016-7906 MEDIUM
ImageMagick 7.0.3-2 - Use-After-Free in magick/attribute.c
CVSS 5.5
CVE-2016-6885 HIGH
MatrixSSL < 3.8.3 - Denial of Service via Modular Exponentiation Base Zero
CVSS 7.5
CVE-2016-7479 CRITICAL
PHP 7.x - Use-After-Free during Unserialization
CVSS 9.8
CVE-2016-6892 HIGH
MatrixSSL < 3.8.6 - Use-After-Free via Crafted X.509 Certificate
CVSS 7.5
CVE-2016-9936 CRITICAL
PHP 7.x - Use-After-Free via Crafted Serialized Data
CVSS 9.8
CVE-2016-9138 CRITICAL
PHP < 5.6.27 and 7.x < 7.0.12 - Use-After-Free via Serialized Data
CVSS 9.8
CVE-2016-9137 CRITICAL
PHP <5.6.27, <7.0.12 - Use After Free
CVSS 9.8
CVE-2016-10088 HIGH
Linux Kernel < 3.10.107 - Use-After-Free in SG Implementation
CVSS 7.0
CVE-2016-9794 HIGH
Linux Kernel < 3.2.85 - Use-After-Free via ALSA SNDRV_PCM_TRIGGER_START Command
CVSS 7.8
CVE-2016-9576 HIGH
Linux Kernel 4.0-4.4.37 - Use-After-Free in blk_rq_map_user_iov
CVSS 7.8
Details
Vulnerabilities 7,672
Exploit Likelihood High