CWE-416: Use After Free

CVE-2024-25985 is a use-after-free vulnerability in the bigo_unlocked_ioctl function of bigo.c that allows local privilege escalation without requirin...

This vulnerability allows memory corruption when invoking the HGSL IOCTL context create function in Qualcomm GPU drivers. Attackers could potentially ...

A use-after-free vulnerability in Arm Mali GPU kernel drivers allows local non-privileged users to exploit a race condition under heavy system load to...

This is a use-after-free vulnerability in the Linux kernel's Qualcomm IPC Router (QRTR) subsystem when used with MHI (Modem Host Interface). It allows...

This vulnerability allows memory corruption through improper handling of IOCTL calls for internal memory mapping/unmapping operations in Qualcomm comp...

This vulnerability allows memory corruption in Qualcomm's Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued....

This vulnerability allows memory corruption in automotive display systems when destroying image handles created using the connected display driver. At...

This CVE describes a memory corruption vulnerability in Qualcomm graphics drivers that occurs while processing user packets for command submission. At...

This CVE describes a memory corruption vulnerability in Qualcomm's audio subsystem that occurs during concurrent tunnel playback or recording sessions...

This is a use-after-free vulnerability in Qualcomm Snapdragon chipsets that allows attackers to execute arbitrary code or cause denial of service. It ...

This is a use-after-free vulnerability in Qualcomm Snapdragon audio components that allows memory corruption. Attackers could potentially execute arbi...

This CVE describes a use-after-free vulnerability in Qualcomm Snapdragon chipsets where DRM file status isn't properly checked after file structure is...

This vulnerability in Qualcomm Snapdragon chipsets allows attackers to execute arbitrary code or cause denial of service through a use-after-free cond...

This vulnerability allows improper memory access due to improper socket state validation in Qualcomm Snapdragon chipsets. Attackers could potentially ...

This vulnerability in Qualcomm Snapdragon Auto chipsets allows attackers to execute arbitrary code or cause denial of service through a use-after-free...

This CVE describes a use-after-free vulnerability in Qualcomm's kernel graphics driver affecting multiple Snapdragon platforms. Attackers could exploi...

This vulnerability is a use-after-free flaw in Qualcomm audio drivers affecting multiple Snapdragon platforms. It allows attackers to potentially exec...

CVE-2021-1905 is a use-after-free vulnerability in Qualcomm Snapdragon chipsets that allows attackers to potentially execute arbitrary code or cause d...

This CVE describes a use-after-free vulnerability in Qualcomm Snapdragon chipsets where a socket freed by one thread can still be accessed by another ...

This vulnerability in Microsoft Speech API (SAPI) allows remote attackers to execute arbitrary code on affected systems by sending specially crafted r...

This vulnerability in Microsoft Edge (Chromium-based) allows remote attackers to execute arbitrary code on affected systems. Attackers could exploit t...

This vulnerability in Microsoft Edge allows attackers to gain elevated privileges on affected systems by exploiting a use-after-free memory corruption...

This vulnerability in Microsoft Edge (Chromium-based) allows attackers to gain elevated privileges on affected systems. It affects users running vulne...

A use-after-free vulnerability in QEMU's LSI53C895A SCSI Host Bus Adapter emulation allows attackers to cause a denial of service or potentially escap...

CVE-2024-37030 is a use-after-free vulnerability in OpenHarmony v4.0.0 and earlier that allows remote attackers to execute arbitrary code in pre-insta...

CVE-2024-21860 is a use-after-free vulnerability in OpenHarmony v4.0.0 and earlier that allows an adjacent attacker to execute arbitrary code in any a...

A DMA reentrancy vulnerability in QEMU's USB EHCI controller emulation allows malicious guests to write crafted data to controller registers during pa...

CVE-2022-1071 is a use-after-free vulnerability in mrb_vm_exec in mruby, a lightweight Ruby implementation. This vulnerability allows attackers to exe...

This CVE-2020-25632 vulnerability in GRUB2 allows attackers to unload kernel modules that other modules depend on, creating a use-after-free condition...

A heap-use-after-free vulnerability in PoDoFo PDF library's PdfTokenizer::ReadDictionary function allows attackers to cause Denial of Service (DoS) by...

A race condition in EOL ASP.NET versions when closing HTTP/3 streams while writing response bodies can cause use-after-free memory corruption, potenti...

CVE-2025-49735 is a use-after-free vulnerability in Windows KDC Proxy Service (KPSSVC) that allows unauthorized attackers to execute arbitrary code re...

A race condition use-after-free vulnerability in ChromeOS Kernel 5.4's virtio_transport_space_update function allows concurrent allocation and freeing...

A use-after-free vulnerability in Windows LDAP allows unauthorized attackers to execute arbitrary code remotely over a network. This affects Windows s...

A use-after-free vulnerability in Exim versions 4.96 through 4.98.1 allows users with command-line access to escalate privileges. This affects systems...

This is a use-after-free vulnerability in DNS Server that allows unauthorized attackers to execute arbitrary code remotely. It affects systems running...

This is a use-after-free vulnerability in Google Chrome's navigation component that allows remote attackers to potentially exploit heap corruption via...

CVE-2022-49043 is a use-after-free vulnerability in libxml2's xmlXIncludeAddNode function that allows attackers to execute arbitrary code or cause den...

This vulnerability allows remote attackers to execute arbitrary code on affected systems by exploiting a use-after-free flaw in the SPNEGO Extended Ne...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems with Remote Desktop Services enabled. Attackers can exploit th...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems running the Line Printer Daemon (LPD) service. Attackers can e...

A use-after-free vulnerability in FortiManager and FortiAnalyzer's fgfmsd daemon allows remote unauthenticated attackers to execute arbitrary code as ...

This vulnerability allows attackers to execute arbitrary code on Windows systems through Remote Desktop Services. It affects Windows servers and works...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems by exploiting a use-after-free bug (CWE-416) in the Local Secu...

This vulnerability in Windows Remote Desktop Services allows unauthorized attackers to execute arbitrary code remotely by exploiting improper memory l...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems running vulnerable Remote Desktop Services. Attackers can pote...

This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft Message Queuing (MSMQ) by sending specially crafted ...

This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft Message Queuing (MSMQ) by sending specially crafted ...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems with Remote Desktop Services enabled, potentially gaining full...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems running vulnerable Remote Desktop Services. Attackers can expl...