CWE-416
Use After Free
VariantStableLikelihood: High
Description
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (1,404)
page 10 of 71| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-1532 | Cri | 0.64 | 9.8 | 0.05 | Apr 30, 2014 | Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution. | |
| CVE-2013-5616 | Cri | 0.64 | 9.8 | 0.03 | Dec 11, 2013 | Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. | |
| CVE-2010-4201 | Cri | 0.64 | 9.8 | 0.00 | Nov 6, 2010 | Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control selections. | |
| CVE-2010-4197 | Cri | 0.64 | 9.8 | 0.06 | Nov 6, 2010 | Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing. | |
| CVE-2010-0050 | Hig | 0.64 | 8.8 | 0.46 | Mar 15, 2010 | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags. | |
| CVE-2009-3616 | Cri | 0.64 | 9.9 | 0.01 | Oct 23, 2009 | Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to execute arbitrary code on the host OS by establishing a connection from a VNC client and then (1) disconnecting during data transfer, (2) sending a message using incorrect integer data types, or (3) using the Fuzzy Screen Mode protocol, related to double free vulnerabilities. | |
| CVE-2026-8580 | Cri | 0.62 | 9.6 | 0.00 | May 14, 2026 | Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-8511 | Cri | 0.62 | 9.6 | 0.00 | May 14, 2026 | Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | |
| CVE-2026-7910 | Cri | 0.62 | 9.6 | 0.00 | May 6, 2026 | Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-7908 | Cri | 0.62 | 9.6 | 0.00 | May 6, 2026 | Use after free in Fullscreen in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-7333 | Cri | 0.62 | 9.6 | 0.00 | Apr 28, 2026 | Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-6919 | Cri | 0.62 | 9.6 | 0.00 | Apr 23, 2026 | Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-5874 | Cri | 0.62 | 9.6 | 0.00 | Apr 8, 2026 | Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-5290 | Cri | 0.62 | 9.6 | 0.00 | Apr 1, 2026 | Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-5289 | Cri | 0.62 | 9.6 | 0.00 | Apr 1, 2026 | Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-5288 | Cri | 0.62 | 9.6 | 0.00 | Apr 1, 2026 | Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2017-2491 | Hig | 0.62 | 8.8 | 0.22 | Jun 27, 2017 | Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file. | |
| CVE-2017-2471 | Hig | 0.62 | 8.8 | 0.21 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code via a crafted web site. | |
| CVE-2010-3328 | Hig | 0.62 | 8.8 | 0.55 | Oct 13, 2010 | Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption Vulnerability." | |
| CVE-2010-0248 | Hig | 0.62 | 8.1 | 0.78 | Jan 22, 2010 | Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." |