CWE-672

Operation on a Resource after Expiration or Release

Parent: CWE-666 - Operation on Resource in Wrong Phase of Lifetime

The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

78 vulnerabilities with CWE-672
CVE-2024-57929 HIGH
Linux Kernel Use-After-Free in dm_array_cursor_end
CVSS 7.1
CVE-2024-47571 HIGH
Fortinet FortiManager <7.4.0 - Privilege Escalation
CVSS 8.1
CVE-2024-56674 MEDIUM
Linux Kernel - Use-After-Free in virtio_net
CVSS 5.5
CVE-2024-49955 MEDIUM
Linux Kernel - Use-After-Free in ACPI Battery Hook Unregistration
CVSS 5.5
CVE-2024-49953 MEDIUM
Linux Kernel 6.4-6.6.54, 6.7-6.10.13, 6.11-6.11.2 - Use-After-Free in XFRM State Deletion
CVSS 5.5
CVE-2024-39792 HIGH
NGINX Plus - Memory Exhaustion via MQTT Pre-Read Module
CVSS 7.5
CVE-2024-31895 MEDIUM
IBM App Connect Enterprise <12.0.12.1 - Info Disclosure
CVSS 4.3
CVE-2024-31894 MEDIUM
IBM App Connect Enterprise <12.0.12.1 - Info Disclosure
CVSS 4.3
CVE-2024-31893 MEDIUM
IBM App Connect Enterprise <12.0.12.1 - Info Disclosure
CVSS 4.3
CVE-2024-4693 MEDIUM
QEMU Virtio PCI Bindings - Use After Free
CVSS 5.5
CVE-2024-27308 HIGH
Tokio >=1.30.0 and Mio 0.7.2-0.8.10 - Use-After-Free via Named Pipe Token Deregistration
CVSS 7.5
CVE-2024-25619 LOW
Mastodon < 3.5.18 - Insufficient Session Expiration via OAuth Application Destruction
CVSS 3.1
CVE-2024-23638 MEDIUM
Squid 5.0-5.9 and 6.0-6.5 - Denial of Service via Cache Manager Error Response
CVSS 6.5
CVE-2024-23332 MEDIUM
Notary Project notation-go - Use-After-Free via Outdated OCI Artifacts
CVSS 4.0
CVE-2023-48220 MEDIUM
Decidim 0.0.1.alpha3-0.26.8 - Use-After-Free via Expired Invitation Acceptance
CVSS 5.7
CVE-2023-34326 HIGH
Xen - Use-After-Free via Stale DMA Mappings
CVSS 7.8
CVE-2023-41094 CRITICAL
Ember ZNet <7.1.6, <7.2.4 - Use After Free
CVSS 10.0
CVE-2023-42446 MEDIUM
Pow 1.0.14-1.0.33 - Session Hijacking via MnesiaCache Expiration Validation
CVSS 6.5
CVE-2023-1902 MEDIUM
Zephyr < 3.3.0 - Use-After-Free in Bluetooth HCI Host Layer
CVSS 5.9
CVE-2023-1901 MEDIUM
Zephyr < 3.3.0 - Use-After-Free in Bluetooth HCI Host Layer
CVSS 5.9
CVE-2022-42838 LOW
macOS Ventura <13 - Info Disclosure
CVSS 3.3
CVE-2022-22755 HIGH
Firefox < 97.0 - Use-After-Free via XSL Transforms
CVSS 8.8
CVE-2022-45292 MEDIUM
funkwhale 1.2.8 - Use-After-Free in User Invite Handling
CVSS 5.3
CVE-2022-30256 HIGH
MaraDNS Deadwood <3.5.0021 - Info Disclosure
CVSS 7.5
CVE-2022-27499 LOW
Intel SGX SDK < 2.17.100.1 and < 2.18.100.1 - Use-After-Free
CVSS 2.5
Details
Vulnerabilities 78
Links
MITRE CWE Entry Search this CWE With Exploits