CWE-416
Use After Free
Description
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (2,306)
page 102 of 116

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-11941 | | | 0.00 | — | 0.00 | | Jun 19, 2026 | Cloudflare Quiche was affected by 2 use-after-free vulnerabilities in the connection ID iterator FFI functions. The “quiche_connection_id_iter_next” and “quiche_conn_retired_scid_next” functions would return a pointer to a “ConnectionId” to the applications via… |
| CVE-2026-26330 | | | 0.00 | — | 0.00 | | Mar 10, 2026 | Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with apply_on_stream_done in the rate limit configuration is enabled and the response phase limit request fails directly, it… |
| CVE-2026-26311 | | | 0.00 | — | 0.00 | | Mar 10, 2026 | Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager (FilterManager) that allows for Zombie Stream Filter Execution. This issue creates a "Use-After-Free" (UAF) or… |
| CVE-2026-28688 | | | 0.00 | — | 0.00 | | Mar 9, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice. The MSL coder does not support writing… |
| CVE-2026-28687 | | | 0.00 | — | 0.00 | | Mar 9, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file.… |
| CVE-2026-25983 | | | 0.00 | — | 0.00 | | Feb 24, 2026 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues… |
| CVE-2026-25087 | | | 0.00 | — | 0.01 | | Feb 17, 2026 | Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file (but not an IPC stream) with pre-buffering enabled, if the IPC file contains data with variadic buffers (such as… |
| CVE-2025-66627 | — | | 0.00 | — | 0.00 | | Dec 9, 2025 | Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi's linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module… |
| CVE-2025-64183 | — | | 0.00 | — | 0.00 | | Nov 10, 2025 | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObject_StealAttrString… |
| CVE-2025-54588 | | | 0.00 | — | 0.00 | | Sep 2, 2025 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in… |
| CVE-2025-48752 | | | 0.00 | — | 0.00 | | May 24, 2025 | In the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the pthread_mutex is unlocked. |
| CVE-2025-26623 | | | 0.00 | — | 0.01 | | Feb 18, 2025 | Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are **not** affected. Exiv2 is a… |
| CVE-2024-27530 | | | 0.00 | — | 0.00 | | Nov 8, 2024 | wasm3 139076a contains a Use-After-Free in ForEachModule. |
| CVE-2024-38229 | — | | 0.00 | — | 0.02 | | Oct 8, 2024 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2024-8375 | | | 0.00 | — | 0.00 | | Sep 19, 2024 | There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on… |
| CVE-2024-8947 | | | 0.00 | — | 0.01 | | Sep 17, 2024 | A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is… |
| CVE-2024-35264 | — | | 0.00 | — | 0.03 | | Jul 9, 2024 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2024-31583 | | | 0.00 | — | 0.00 | | Apr 17, 2024 | Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp. |
| CVE-2024-27934 | | | 0.00 | — | 0.00 | | Mar 6, 2024 | Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.36.2 and prior to version 1.40.3, use of inherently unsafe `*const c_void` and `ExternalPointer` leads to use-after-free access of the underlying structure, resulting in arbitrary code execution.… |
| CVE-2024-27308 | | | 0.00 | — | 0.01 | | Mar 6, 2024 | Mio is a Metal I/O library for Rust. When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used.… |