CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,672 vulnerabilities with CWE-416
CVE-2016-9923 MEDIUM
Qemu < 2.7.1 - Use-After-Free in Chardev Backend
CVSS 5.5
CVE-2016-5190 MEDIUM
Google Chrome < 54.0.2840.59 - Use-After-Free via Crafted HTML Pages
CVSS 6.3
CVE-2016-5185 HIGH
Google Chrome < 54.0.2840.59 - Use-After-Free via FrameView::updateLifecyclePhasesInternal()
CVSS 8.8
CVE-2016-5184 HIGH
Google Chrome < 54.0.2840.59 - Use-After-Free in PDFium CFFL_FormFillter
CVSS 8.8
CVE-2016-5183 HIGH
Google Chrome < 54.0.2840.59 - Use-After-Free in PDFium via Crafted PDF Files
CVSS 8.8
CVE-2016-7892 HIGH KEV
Adobe Flash Player < 23.0.0.207 and <= 11.2.202.644 - Use-After-Free in TextField Class
CVSS 8.8
CVE-2016-7881 HIGH
Adobe Flash Player <= 23.0.0.207 and <= 11.2.202.644 - Use-After-Free in MovieClip Class
CVSS 8.8
CVE-2016-7880 HIGH
Adobe Flash Player < 23.0.0.207 and <= 11.2.202.644 - Use-After-Free via Array Length Property
CVSS 8.8
CVE-2016-7879 HIGH
Adobe Flash Player <= 23.0.0.207 and <= 11.2.202.644 - Use-After-Free in NetConnection Script Handling
CVSS 8.8
CVE-2016-7878 HIGH
Adobe Flash Player <= 23.0.0.207 and <= 11.2.202.644 - Use-After-Free in MediaPlayer
CVSS 8.8
CVE-2016-7877 HIGH
Adobe Flash Player <= 23.0.0.207 and <= 11.2.202.644 - Use-After-Free in Action Message Format Serialization
CVSS 8.8
CVE-2016-7872 HIGH
Adobe Flash Player <= 23.0.0.207 and <= 11.2.202.644 - Use-After-Free in MovieClip Class
CVSS 8.8
CVE-2016-6833 MEDIUM
QEMU < 2.6.2 - Use-After-Free in vmxnet3_io_bar0_write
CVSS 4.4
CVE-2016-9120 HIGH
Linux kernel <4.6 - Privilege Escalation/DoS
CVSS 7.8
CVE-2016-8655 HIGH
AF_PACKET chocobo_root Privilege Escalation
CVSS 7.8
CVE-2016-9798 MEDIUM
BlueZ 5.42 - Use-After-Free in L2CAP Parser conf_opt Function
CVSS 5.3
CVE-2016-1251 HIGH
DBD::mysql 3.x-4.x - Use-After-Free with mysql_server_prepare=1
CVSS 8.1
CVE-2016-9373 MEDIUM
Wireshark 2.0.0-2.2.1 - Use After Free
CVSS 5.9
CVE-2016-7913 HIGH
Linux Kernel < 4.6 - Use-After-Free in xc2028_set_config
CVSS 7.8
CVE-2016-7912 HIGH
Linux Kernel 3.15-3.16.40 - Use-After-Free in ffs_user_copy_worker
CVSS 7.8
CVE-2016-7911 HIGH
Linux Kernel < 4.6.6 - Race Condition in get_task_ioprio Function
CVSS 7.8
CVE-2016-7910 HIGH
Linux Kernel < 4.7.1 - Use-After-Free in disk_seqf_stop
CVSS 7.8
CVE-2016-7864 HIGH
Adobe Flash Player <= 23.0.0.205 and <= 11.2.202.643 - Use-After-Free
CVSS 8.8
CVE-2016-7863 HIGH
Adobe Flash Player <= 23.0.0.205 and <= 11.2.202.643 - Use-After-Free
CVSS 8.8
CVE-2016-7862 HIGH
Adobe Flash Player <= 23.0.0.205 and <= 11.2.202.643 - Use-After-Free
CVSS 8.8
Details
Vulnerabilities 7,672
Exploit Likelihood High