VYPR

CWE-416

Use After Free

Variant | Stable | Likelihood: High

Description

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2,306)

  • CVE-2017-11011 | Cri | Apr 11, 2018
    risk 0.64 | cvss 9.8 | epss 0.01

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After Free condition can occur in a communication API.

  • CVE-2017-13272 | Cri | Apr 4, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:…

  • CVE-2018-3599 | Cri | Apr 3, 2018
    risk 0.64 | cvss 9.8 | epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while notifying a DCI client, a Use After Free condition can occur.

  • CVE-2017-14881 | Cri | Mar 30, 2018
    risk 0.64 | cvss 9.8 | epss 0.01

    While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur.

  • CVE-2017-14877 | Cri | Mar 30, 2018
    risk 0.64 | cvss 9.8 | epss 0.01

    While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. If one thread sends an ioctl cmd IPA_IOC_QUERY_RT_TBL_INDEX while another sends an ioctl cmd…

  • CVE-2017-14915 | Cri | Mar 30, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD 650/52, SD 835, accessing SPCOM functions with a compromised client structure can result in a Use After Free condition.

  • CVE-2018-6916 | Cri | Mar 9, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could…

  • CVE-2018-7554 | Cri | Feb 28, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    There is an invalid free in ReadImage in input-bmp.ci that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

  • CVE-2018-7551 | Cri | Feb 28, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    There is an invalid free in MiniPS::delete0 in minips.cpp that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

  • CVE-2018-6641 | Cri | Feb 28, 2018
    risk 0.64 | cvss 9.8 | epss 0.06

    An Arbitrary Free (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can overwrite a structure, leading to a function call with an invalid parameter, and a subsequent free of important data such as a function pointer or list pointer. This…

  • CVE-2018-7054 | Cri | Feb 15, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.

  • CVE-2018-7053 | Cri | Feb 15, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order.

  • CVE-2018-4877 | Cri | Feb 6, 2018
    risk 0.64 | cvss 9.8 | epss 0.09

    A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead to arbitrary code execution.

  • CVE-2018-6548 | Cri | Feb 2, 2018
    risk 0.64 | cvss 9.8 | epss 0.01

    A use-after-free issue was discovered in libwebm through 2018-02-02. If a Vp9HeaderParser was initialized once before, its property frame_ would not be changed because of code in vp9parser::Vp9HeaderParser::SetFrame. Its frame_ could be freed while the corresponding pointer…

  • CVE-2017-13179 | Cri | Jan 12, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both ps_codec_obj and ps_create_op->s_ivd_create_op_t.pv_handle point to the same memory and ps_codec_obj could be freed without clearing…

  • CVE-2017-13178 | Cri | Jan 12, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction…

  • CVE-2018-0001 | Cri | Jan 10, 2018
    risk 0.64 | cvss 9.8 | epss 0.06

    A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS:…

  • CVE-2017-1000421 | Cri | Jan 2, 2018
    risk 0.64 | cvss 9.8 | epss 0.03

    Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function, resulting in potential code execution.

  • CVE-2017-17499 | Cri | Dec 11, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.

  • CVE-2017-16398 | Cri | Dec 9, 2017
    risk 0.64 | cvss 9.8 | epss 0.09

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the…