Common Weakness Enumeration

CWE-416

Allowed

Use After Free

Abstraction: Variant · Status: Stable

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

9821 vulnerabilities reference this CWE, most recent first.

GHSA-5XWG-4CJR-7PRR

Vulnerability from github – Published: 2026-07-01 00:34 – Updated: 2026-07-01 18:31
VLAI
Details

Use after free in Core in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-13861"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-30T23:17:00Z",
    "severity": "CRITICAL"
  },
  "details": "Use after free in Core in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)",
  "id": "GHSA-5xwg-4cjr-7prr",
  "modified": "2026-07-01T18:31:30Z",
  "published": "2026-07-01T00:34:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13861"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/495456765"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5XWG-CCC9-X2GP

Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30
VLAI
Details

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-27924"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-14T18:17:03Z",
    "severity": "HIGH"
  },
  "details": "Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.",
  "id": "GHSA-5xwg-ccc9-x2gp",
  "modified": "2026-04-14T18:30:39Z",
  "published": "2026-04-14T18:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27924"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27924"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5XWV-33CP-778W

Vulnerability from github – Published: 2022-05-14 01:15 – Updated: 2025-04-20 03:50
VLAI
Details

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-17813"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-12-21T03:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors.",
  "id": "GHSA-5xwv-33cp-778w",
  "modified": "2025-04-20T03:50:21Z",
  "published": "2022-05-14T01:15:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17813"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392429"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3694-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6223-FHXF-9MGJ

Vulnerability from github – Published: 2022-05-14 03:32 – Updated: 2022-05-14 03:32
VLAI
Details

In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-8962"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-23T21:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.",
  "id": "GHSA-6223-fhxf-9mgj",
  "modified": "2022-05-14T03:32:04Z",
  "published": "2022-05-14T03:32:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8962"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libming/libming/issues/130"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6243-F9C4-77F4

Vulnerability from github – Published: 2022-05-02 06:14 – Updated: 2024-02-02 18:30
VLAI
Details

Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2010-0629"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-04-07T15:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.",
  "id": "GHSA-6243-f9c4-77f4",
  "modified": "2024-02-02T18:30:21Z",
  "published": "2022-05-02T06:14:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0629"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9489"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567052"
    },
    {
      "type": "WEB",
      "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=5998"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038556.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/39264"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/39290"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/39315"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/39324"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/39367"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1023821"
    },
    {
      "type": "WEB",
      "url": "http://ubuntu.com/usn/usn-924-1"
    },
    {
      "type": "WEB",
      "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2010/dsa-2031"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:071"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0343.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/510566/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/39247"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0876"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-624F-82HJ-X6PC

Vulnerability from github – Published: 2024-08-05 15:30 – Updated: 2024-08-05 15:30
VLAI
Details

Memory corruption when kernel driver attempts to trigger hardware fences.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-23383"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-05T15:15:47Z",
    "severity": "HIGH"
  },
  "details": "Memory corruption when kernel driver attempts to trigger hardware fences.",
  "id": "GHSA-624f-82hj-x6pc",
  "modified": "2024-08-05T15:30:53Z",
  "published": "2024-08-05T15:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23383"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-626C-C4R3-VMJG

Vulnerability from github – Published: 2024-08-21 18:31 – Updated: 2024-08-21 18:31
VLAI
Details

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23928.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-7725"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-21T16:15:11Z",
    "severity": "HIGH"
  },
  "details": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23928.",
  "id": "GHSA-626c-c4r3-vmjg",
  "modified": "2024-08-21T18:31:28Z",
  "published": "2024-08-21T18:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7725"
    },
    {
      "type": "WEB",
      "url": "https://www.foxit.com/support/security-bulletins.html"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1127"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-628X-VQ4W-VW68

Vulnerability from github – Published: 2025-03-04 06:30 – Updated: 2025-03-04 06:30
VLAI
Details

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20091"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-04T04:15:13Z",
    "severity": "LOW"
  },
  "details": "in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.",
  "id": "GHSA-628x-vq4w-vw68",
  "modified": "2025-03-04T06:30:33Z",
  "published": "2025-03-04T06:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20091"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-03.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-62C2-HMJM-MPM6

Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32
VLAI
Details

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-49173"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-14T17:16:52Z",
    "severity": "HIGH"
  },
  "details": "Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.",
  "id": "GHSA-62c2-hmjm-mpm6",
  "modified": "2026-07-14T18:32:00Z",
  "published": "2026-07-14T18:32:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49173"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49173"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-62CC-G9F4-2R2G

Vulnerability from github – Published: 2022-05-24 17:01 – Updated: 2026-05-28 21:31
VLAI
Details

Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-13721"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-25T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
  "id": "GHSA-62cc-g9f4-2r2g",
  "modified": "2026-05-28T21:31:57Z",
  "published": "2022-05-24T17:01:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13721"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1013868"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00022.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Strategy: Language Selection

Choose a language that provides automatic memory management.

Mitigation
Implementation

Strategy: Attack Surface Reduction

When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.

No CAPEC attack patterns related to this CWE.