CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9812 vulnerabilities reference this CWE, most recent first.
GHSA-75PF-6V46-5V63
Vulnerability from github – Published: 2025-05-13 21:30 – Updated: 2025-05-13 21:30Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2025-43570"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-13T21:16:16Z",
"severity": "HIGH"
},
"details": "Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-75pf-6v46-5v63",
"modified": "2025-05-13T21:30:57Z",
"published": "2025-05-13T21:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43570"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb25-46.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-75PX-8W84-PVHF
Vulnerability from github – Published: 2022-05-14 02:58 – Updated: 2022-05-14 02:58This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions of TextBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5570.
{
"affected": [],
"aliases": [
"CVE-2018-9966"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-05-17T15:29:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions of TextBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5570.",
"id": "GHSA-75px-8w84-pvhf",
"modified": "2022-05-14T02:58:19Z",
"published": "2022-05-14T02:58:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9966"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-350"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-75Q5-6X22-QJPW
Vulnerability from github – Published: 2025-02-27 18:31 – Updated: 2025-02-27 18:31In the Linux kernel, the following vulnerability has been resolved:
crypto: ccree - Fix use after free in cc_cipher_exit()
kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free.
We can call kfree_sensitive() after dev_dbg() to avoid the uaf.
{
"affected": [],
"aliases": [
"CVE-2022-49258"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:02Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccree - Fix use after free in cc_cipher_exit()\n\nkfree_sensitive(ctx_p-\u003euser.key) will free the ctx_p-\u003euser.key. But\nctx_p-\u003euser.key is still used in the next line, which will lead to a\nuse after free.\n\nWe can call kfree_sensitive() after dev_dbg() to avoid the uaf.",
"id": "GHSA-75q5-6x22-qjpw",
"modified": "2025-02-27T18:31:08Z",
"published": "2025-02-27T18:31:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49258"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/25c358efee5153dfd240d4e0d3169d5bebe9cacd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/335bf1fc74f775a8255257aa3e33763f2257b676"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3d950c34074ed74d2713c3856ba01264523289e6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c93017c8d5ebf55a4e453ac7c84cc84cf92ab570"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cffb5382bd8d3cf21b874ab5b84bf7618932286b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-75Q6-Q84V-3C56
Vulnerability from github – Published: 2024-03-12 18:31 – Updated: 2024-03-12 18:31Windows Kernel Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-26182"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-12T17:15:57Z",
"severity": "HIGH"
},
"details": "Windows Kernel Elevation of Privilege Vulnerability",
"id": "GHSA-75q6-q84v-3c56",
"modified": "2024-03-12T18:31:14Z",
"published": "2024-03-12T18:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26182"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26182"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-75QJ-FCP3-J9W2
Vulnerability from github – Published: 2023-07-05 09:30 – Updated: 2024-04-04 05:23An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
{
"affected": [],
"aliases": [
"CVE-2023-37201"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-05T09:15:09Z",
"severity": "HIGH"
},
"details": "An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13.",
"id": "GHSA-75qj-fcp3-j9w2",
"modified": "2024-04-04T05:23:16Z",
"published": "2023-07-05T09:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37201"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1826002"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5450"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5451"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-22"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-23"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-24"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-75R3-JG89-HHJP
Vulnerability from github – Published: 2024-03-12 18:31 – Updated: 2024-03-12 18:31Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-21334"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-12T17:15:49Z",
"severity": "CRITICAL"
},
"details": "Open Management Infrastructure (OMI) Remote Code Execution Vulnerability",
"id": "GHSA-75r3-jg89-hhjp",
"modified": "2024-03-12T18:31:12Z",
"published": "2024-03-12T18:31:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21334"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21334"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-75R7-G667-C286
Vulnerability from github – Published: 2022-05-24 17:24 – Updated: 2022-05-24 17:24Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2020-6518"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-07-22T17:15:00Z",
"severity": "HIGH"
},
"details": "Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.",
"id": "GHSA-75r7-g667-c286",
"modified": "2022-05-24T17:24:07Z",
"published": "2022-05-24T17:24:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6518"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/986051"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYIDWCHG24ZTFD4P42D4A4WWPPA74BCG"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202007-08"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202101-30"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-7639-4X37-QFJ8
Vulnerability from github – Published: 2024-03-04 15:31 – Updated: 2024-03-04 15:31Dell Digital Delivery, versions prior to 5.0.86.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code.
{
"affected": [],
"aliases": [
"CVE-2024-0155"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-04T13:15:44Z",
"severity": "HIGH"
},
"details": "Dell Digital Delivery, versions prior to 5.0.86.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code.",
"id": "GHSA-7639-4x37-qfj8",
"modified": "2024-03-04T15:31:06Z",
"published": "2024-03-04T15:31:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0155"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000222292/dsa-2024-033"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-763M-X8V7-RJ25
Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
{
"affected": [],
"aliases": [
"CVE-2021-30263"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-12T07:15:00Z",
"severity": "MODERATE"
},
"details": "Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music",
"id": "GHSA-763m-x8v7-rj25",
"modified": "2022-05-24T19:20:33Z",
"published": "2022-05-24T19:20:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30263"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-764W-G8WQ-QGG3
Vulnerability from github – Published: 2022-05-14 02:34 – Updated: 2025-04-11 04:10Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1313.
{
"affected": [],
"aliases": [
"CVE-2013-1306"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-05-15T03:36:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer Use After Free Vulnerability,\" a different vulnerability than CVE-2013-1313.",
"id": "GHSA-764w-g8wq-qgg3",
"modified": "2025-04-11T04:10:14Z",
"published": "2022-05-14T02:34:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1306"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16398"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/40894"
},
{
"type": "WEB",
"url": "http://blog.skylined.nl/20161208001.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/140092/Microsoft-Internet-Explorer-9-MSHTML-CDispNode-InsertSiblingNode-Use-After-Free.html"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/ncas/alerts/TA13-134A"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.