CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,681 vulnerabilities with CWE-416
CVE-2016-6938 CRITICAL
Adobe Acrobat and Reader < 11.0.17 - Use-After-Free
CVSS 9.8
CVE-2016-4263 CRITICAL
Adobe Digital Editions <4.5.2 - Memory Corruption
CVSS 9.8
CVE-2016-6932 HIGH
Adobe Flash Player < 18.0.0.375, 19.x-23.x < 23.0.0.162, < 11.2.202.635 - Use-After-Free
CVSS 8.8
CVE-2016-6931 HIGH
Adobe Flash Player < 18.0.0.375, 19.x-23.x < 23.0.0.162, < 11.2.202.635 - Use-After-Free
CVSS 8.8
CVE-2016-6930 HIGH
Adobe Flash Player < 18.0.0.375, 19.x-23.x < 23.0.0.162, < 11.2.202.635 - Use-After-Free
CVSS 8.8
CVE-2016-6929 HIGH
Adobe Flash Player < 18.0.0.375, 19.x-23.x < 23.0.0.162, < 11.2.202.635 - Use-After-Free
CVSS 8.8
CVE-2016-6927 HIGH
Adobe Flash Player < 18.0.0.375, 19.x-23.x < 23.0.0.162, < 11.2.202.635 - Use-After-Free
CVSS 8.8
CVE-2016-6926 HIGH
Adobe Flash Player < 18.0.0.375, 19.x-23.x < 23.0.0.162, < 11.2.202.635 - Use-After-Free
CVSS 8.8
CVE-2016-6925 HIGH
Adobe Flash Player < 18.0.0.375, 19.x-23.x < 23.0.0.162, < 11.2.202.635 - Use-After-Free
CVSS 8.8
CVE-2016-6923 HIGH
Adobe Flash Player < 18.0.0.375, 19.x-23.x < 23.0.0.162, < 11.2.202.635 - Use-After-Free
CVSS 8.8
CVE-2016-6921 HIGH
Adobe Flash Player < 18.0.0.375, 19.x-23.x < 23.0.0.162, < 11.2.202.635 - Use-After-Free
CVSS 8.8
CVE-2016-4279 HIGH
Adobe Flash Player <19.x-23.x - Use After Free
CVSS 8.8
CVE-2016-4272 HIGH
Adobe Flash Player <19.x-23.x - Use After Free
CVSS 8.8
CVE-2016-5156 HIGH
Opensuse Leap < 52.0.2743.116 - Use After Free
CVSS 8.8
CVE-2016-5151 HIGH
Opensuse Leap < 52.0.2743.116 - Use After Free
CVSS 8.8
CVE-2016-5150 HIGH
Opensuse Leap < 52.0.2743.116 - Use After Free
CVSS 8.8
CVE-2016-7180 MEDIUM
Debian Linux - Use After Free
CVSS 5.9
CVE-2016-5421 HIGH
Opensuse Leap < 7.50.0 - Use After Free
CVSS 8.1
CVE-2016-5142 CRITICAL
Google Chrome < 52.0.2743.82 - Use-After-Free in Web Cryptography API
CVSS 9.8
CVE-2016-5773 CRITICAL
PHP < 5.5.37, 5.6.x < 5.6.23, 7.x < 7.0.8 - Remote Code Execution via ZipArchive Unserialize Use-After-Free
CVSS 9.8
CVE-2016-5771 CRITICAL
PHP < 5.5.37 - Use-After-Free in SPL Array Unserialize Interaction
CVSS 9.8
CVE-2016-3841 HIGH
Linux kernel <4.3.3 - Privilege Escalation/DoS
CVSS 7.3
CVE-2016-5264 HIGH
Firefox < 48.0 - Use-After-Free in nsNodeUtils NativeAnonymousChildListChange
CVSS 8.8
CVE-2016-5259 HIGH
Firefox < 48.0 - Remote Code Execution via Service Worker Nested Sync Event Loop
CVSS 8.8
CVE-2016-5258 HIGH
Oracle Linux < 47.0.1 - Use After Free
CVSS 8.8
Details
Vulnerabilities 7,681
Exploit Likelihood High