CWE-416
Use After Free
VariantStableLikelihood: High
Description
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (1,405)
page 12 of 71| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-3113 | Hig | 0.58 | 8.8 | 0.05 | Aug 11, 2017 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in JavaScript engine when creating large strings. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2017-11256 | Hig | 0.58 | 8.8 | 0.05 | Aug 11, 2017 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2017-11254 | Hig | 0.58 | 8.8 | 0.12 | Aug 11, 2017 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader's JavaScript engine. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2017-11235 | Hig | 0.58 | 8.8 | 0.05 | Aug 11, 2017 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2017-11231 | Hig | 0.58 | 8.8 | 0.05 | Aug 11, 2017 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2017-11224 | Hig | 0.58 | 8.8 | 0.05 | Aug 11, 2017 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2017-11223 | Hig | 0.58 | 8.8 | 0.05 | Aug 11, 2017 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2017-11219 | Hig | 0.58 | 8.8 | 0.05 | Aug 11, 2017 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2017-11218 | Hig | 0.58 | 8.8 | 0.05 | Aug 11, 2017 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in XFA event management. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2015-7849 | Hig | 0.58 | 8.8 | 0.05 | Aug 7, 2017 | Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets. | |
| CVE-2016-7881 | Hig | 0.58 | 8.8 | 0.06 | Dec 15, 2016 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2016-7880 | Hig | 0.58 | 8.8 | 0.06 | Dec 15, 2016 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2016-7879 | Hig | 0.58 | 8.8 | 0.04 | Dec 15, 2016 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2016-7878 | Hig | 0.58 | 8.8 | 0.04 | Dec 15, 2016 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2016-7877 | Hig | 0.58 | 8.8 | 0.06 | Dec 15, 2016 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution. | |
| CVE-2016-7872 | Hig | 0.58 | 8.8 | 0.04 | Dec 15, 2016 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2016-7864 | Hig | 0.58 | 8.8 | 0.08 | Nov 8, 2016 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2016-7863 | Hig | 0.58 | 8.8 | 0.08 | Nov 8, 2016 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2016-7862 | Hig | 0.58 | 8.8 | 0.08 | Nov 8, 2016 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2016-7859 | Hig | 0.58 | 8.8 | 0.08 | Nov 8, 2016 | Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. |