VYPR

CWE-416

Use After Free

Variant | Stable | Likelihood: High

Description

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2,306)

page 17 of 116
  • CVE-2010-0050 | High | Mar 15, 2010
    risk 0.61 | cvss 8.8 | epss 0.12

    Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.

  • CVE-2009-3658 | High | Oct 9, 2009
    risk 0.61 | cvss 8.8 | epss 0.09

    Use-after-free vulnerability in the Sb.SuperBuddy.1 ActiveX control (sb.dll) in America Online (AOL) 9.5.0.1 allows remote attackers to trigger memory corruption or possibly execute arbitrary code via a malformed argument to the SetSuperBuddy method.

  • CVE-2026-40402 | Critical | May 12, 2026
    risk 0.60 | cvss 9.3 | epss 0.00

    Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.

  • CVE-2018-5065 | High | Jul 20, 2018
    risk 0.60 | cvss 8.8 | epss 0.32

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2017-14103 | High | Sep 1, 2017
    risk 0.60 | cvss 8.8 | epss 0.30

    The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage…

  • CVE-2013-0022 | Critical | Feb 13, 2013
    risk 0.60 | cvss 9.0 | epss 0.17

    Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."

  • CVE-2012-4787 | Critical | Dec 12, 2012
    risk 0.60 | cvss 9.0 | epss 0.18

    Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free…

  • CVE-2010-3328 | High | Oct 13, 2010
    risk 0.60 | cvss 8.8 | epss 0.32

    Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption…

  • CVE-2010-0248 | High | Jan 22, 2010
    risk 0.60 | cvss 8.1 | epss 0.53

    Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object…

  • CVE-2008-0077 | High | Feb 12, 2008
    risk 0.60 | cvss 8.8 | epss 0.37

    Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory…

  • CVE-2026-9891 | Critical | May 28, 2026
    risk 0.59 | cvss 9.0 | epss 0.00

    Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: Critical)

  • CVE-2026-9881 | Critical | May 28, 2026
    risk 0.59 | cvss 9.0 | epss 0.00

    Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: Critical)

  • CVE-2025-23115 | Critical | Mar 1, 2025
    risk 0.59 | cvss 9.0 | epss 0.01

    A Use After Free vulnerability on UniFi Protect Cameras could allow a Remote Code Execution (RCE) by a malicious actor with access to UniFi Protect Cameras management network.

  • CVE-2024-38920 | Critical | Dec 5, 2024
    risk 0.59 | cvss 9.1 | epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered by remotely sending a request to change the value of the dynamic parameter `/amcl max_beams`.

  • CVE-2017-16393 | High | Dec 9, 2017
    risk 0.59 | cvss 8.8 | epss 0.17

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the…

  • CVE-2017-9798 | High | Sep 18, 2017
    risk 0.59 | cvss 7.5 | epss 0.95

    Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through…

  • CVE-2017-12936 | High | Aug 18, 2017
    risk 0.59 | cvss 8.8 | epss 0.25

    The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.

  • CVE-2015-7849 | High | Aug 7, 2017
    risk 0.59 | cvss 8.8 | epss 0.17

    Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.

  • CVE-2017-11403 | High | Jul 18, 2017
    risk 0.59 | cvss 8.8 | epss 0.28

    The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.

  • CVE-2016-7835 | Critical | Jun 9, 2017
    risk 0.59 | cvss 9.1 | epss 0.02

    Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate private keys and possibly other information.