Common Weakness Enumeration

CWE-416

Allowed

Use After Free

Abstraction: Variant · Status: Stable

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

9812 vulnerabilities reference this CWE, most recent first.

GHSA-75PF-6V46-5V63

Vulnerability from github – Published: 2025-05-13 21:30 – Updated: 2025-05-13 21:30
VLAI
Details

Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-43570"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-13T21:16:16Z",
    "severity": "HIGH"
  },
  "details": "Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-75pf-6v46-5v63",
  "modified": "2025-05-13T21:30:57Z",
  "published": "2025-05-13T21:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43570"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb25-46.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75PX-8W84-PVHF

Vulnerability from github – Published: 2022-05-14 02:58 – Updated: 2022-05-14 02:58
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions of TextBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5570.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9966"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-17T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions of TextBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5570.",
  "id": "GHSA-75px-8w84-pvhf",
  "modified": "2022-05-14T02:58:19Z",
  "published": "2022-05-14T02:58:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9966"
    },
    {
      "type": "WEB",
      "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-350"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75Q5-6X22-QJPW

Vulnerability from github – Published: 2025-02-27 18:31 – Updated: 2025-02-27 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: ccree - Fix use after free in cc_cipher_exit()

kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free.

We can call kfree_sensitive() after dev_dbg() to avoid the uaf.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49258"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:01:02Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccree - Fix use after free in cc_cipher_exit()\n\nkfree_sensitive(ctx_p-\u003euser.key) will free the ctx_p-\u003euser.key. But\nctx_p-\u003euser.key is still used in the next line, which will lead to a\nuse after free.\n\nWe can call kfree_sensitive() after dev_dbg() to avoid the uaf.",
  "id": "GHSA-75q5-6x22-qjpw",
  "modified": "2025-02-27T18:31:08Z",
  "published": "2025-02-27T18:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49258"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/25c358efee5153dfd240d4e0d3169d5bebe9cacd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/335bf1fc74f775a8255257aa3e33763f2257b676"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3d950c34074ed74d2713c3856ba01264523289e6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c93017c8d5ebf55a4e453ac7c84cc84cf92ab570"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cffb5382bd8d3cf21b874ab5b84bf7618932286b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75Q6-Q84V-3C56

Vulnerability from github – Published: 2024-03-12 18:31 – Updated: 2024-03-12 18:31
VLAI
Details

Windows Kernel Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-26182"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-12T17:15:57Z",
    "severity": "HIGH"
  },
  "details": "Windows Kernel Elevation of Privilege Vulnerability",
  "id": "GHSA-75q6-q84v-3c56",
  "modified": "2024-03-12T18:31:14Z",
  "published": "2024-03-12T18:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26182"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26182"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75QJ-FCP3-J9W2

Vulnerability from github – Published: 2023-07-05 09:30 – Updated: 2024-04-04 05:23
VLAI
Details

An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-37201"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-05T09:15:09Z",
    "severity": "HIGH"
  },
  "details": "An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13.",
  "id": "GHSA-75qj-fcp3-j9w2",
  "modified": "2024-04-04T05:23:16Z",
  "published": "2023-07-05T09:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37201"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1826002"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5450"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5451"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2023-22"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2023-23"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2023-24"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75R3-JG89-HHJP

Vulnerability from github – Published: 2024-03-12 18:31 – Updated: 2024-03-12 18:31
VLAI
Details

Open Management Infrastructure (OMI) Remote Code Execution Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-21334"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-12T17:15:49Z",
    "severity": "CRITICAL"
  },
  "details": "Open Management Infrastructure (OMI) Remote Code Execution Vulnerability",
  "id": "GHSA-75r3-jg89-hhjp",
  "modified": "2024-03-12T18:31:12Z",
  "published": "2024-03-12T18:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21334"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21334"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75R7-G667-C286

Vulnerability from github – Published: 2022-05-24 17:24 – Updated: 2022-05-24 17:24
VLAI
Details

Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-6518"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-07-22T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.",
  "id": "GHSA-75r7-g667-c286",
  "modified": "2022-05-24T17:24:07Z",
  "published": "2022-05-24T17:24:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6518"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/986051"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYIDWCHG24ZTFD4P42D4A4WWPPA74BCG"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202007-08"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202101-30"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4824"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-7639-4X37-QFJ8

Vulnerability from github – Published: 2024-03-04 15:31 – Updated: 2024-03-04 15:31
VLAI
Details

Dell Digital Delivery, versions prior to 5.0.86.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-0155"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-04T13:15:44Z",
    "severity": "HIGH"
  },
  "details": "Dell Digital Delivery, versions prior to 5.0.86.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code.",
  "id": "GHSA-7639-4x37-qfj8",
  "modified": "2024-03-04T15:31:06Z",
  "published": "2024-03-04T15:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0155"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000222292/dsa-2024-033"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-763M-X8V7-RJ25

Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20
VLAI
Details

Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-30263"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-12T07:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music",
  "id": "GHSA-763m-x8v7-rj25",
  "modified": "2022-05-24T19:20:33Z",
  "published": "2022-05-24T19:20:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30263"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-764W-G8WQ-QGG3

Vulnerability from github – Published: 2022-05-14 02:34 – Updated: 2025-04-11 04:10
VLAI
Details

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1313.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-1306"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-05-15T03:36:00Z",
    "severity": "HIGH"
  },
  "details": "Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer Use After Free Vulnerability,\" a different vulnerability than CVE-2013-1313.",
  "id": "GHSA-764w-g8wq-qgg3",
  "modified": "2025-04-11T04:10:14Z",
  "published": "2022-05-14T02:34:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1306"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16398"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/40894"
    },
    {
      "type": "WEB",
      "url": "http://blog.skylined.nl/20161208001.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/140092/Microsoft-Internet-Explorer-9-MSHTML-CDispNode-InsertSiblingNode-Use-After-Free.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/ncas/alerts/TA13-134A"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation
Architecture and Design

Strategy: Language Selection

Choose a language that provides automatic memory management.

Mitigation
Implementation

Strategy: Attack Surface Reduction

When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.

No CAPEC attack patterns related to this CWE.