CWE-416: Use After Free

NVIDIA vGPU software contains a use-after-free vulnerability in the Virtual GPU Manager that allows a malicious guest VM to access heap memory after i...

A use-after-free vulnerability in the Linux kernel's Tegra ADMA driver allows memory corruption when audio streams terminate during XRUN conditions. T...

A race condition in the Linux kernel's ublk driver allows use-after-free when partition scanning occurs during device teardown. This vulnerability cou...

This CVE describes a race condition vulnerability in the Linux kernel's NFS server (nfsd) that can lead to use-after-free memory corruption. The issue...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious SKP files in Trimble SketchUp. Attackers...

CVE-2026-21287 is a use-after-free vulnerability in Substance3D Stager that allows arbitrary code execution when a user opens a malicious file. This a...

This vulnerability is a use-after-free memory corruption flaw in Microsoft Office Excel that allows an attacker to execute arbitrary code on a victim'...

This is a use-after-free vulnerability in the Windows Win32K ICOMP component that allows an authenticated attacker to execute arbitrary code with elev...

This CVE describes a use-after-free vulnerability in Windows Management Services that allows an authenticated attacker to execute arbitrary code with ...

This CVE describes a use-after-free vulnerability in the Windows Win32K ICOMP component that allows an authenticated attacker to escalate privileges l...

This CVE describes a use-after-free vulnerability in Desktop Windows Manager that allows an authenticated attacker to execute arbitrary code with elev...

This vulnerability involves a use-after-free memory corruption flaw in Windows Management Services that allows an authenticated attacker to execute ar...

This CVE describes a use-after-free vulnerability in Windows Kernel-Mode Drivers that allows an authenticated attacker to execute arbitrary code with ...

This vulnerability involves a use-after-free flaw in Microsoft's Graphics Component that allows an authenticated attacker to execute arbitrary code wi...

This CVE describes a use-after-free vulnerability in Imagination Technologies GPU drivers where improper reference counting allows non-privileged user...

This CVE describes a use-after-free vulnerability in the Linux kernel's ksmbd SMB server module. Under high concurrency conditions, a tree-connection ...

A use-after-free vulnerability in Samsung's PROCA driver allows local attackers to potentially execute arbitrary code with kernel privileges. This aff...

This vulnerability involves memory corruption during HDCP session deinitialization, potentially allowing attackers to execute arbitrary code or cause ...

CVE-2025-20799 is a use-after-free vulnerability in c2ps that allows memory corruption. This enables local privilege escalation from System privilege ...

This CVE describes a use-after-free memory corruption vulnerability in display components that could allow local privilege escalation. Attackers who a...

This CVE describes a use-after-free memory corruption vulnerability in a display component that could allow local privilege escalation. Attackers who ...

This CVE describes a use-after-free vulnerability in the Linux kernel's HID uclogic driver. When the input device is unregistered, it can trigger a ue...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious XCF files in GIMP. The use-after-free fl...

A use-after-free vulnerability in Foxit PDF Reader's PDF parsing allows remote code execution when opening malicious PDF files. This affects Windows u...

A use-after-free vulnerability in Foxit PDF Reader's annotation handling allows remote code execution when opening malicious PDF files containing craf...

A use-after-free vulnerability in Foxit PDF software allows remote code execution when opening malicious PDF files containing crafted JavaScript. This...

A use-after-free vulnerability in NI LabVIEW's sentry!sentry_span_set_data() function when parsing corrupted VI files could allow information disclosu...

This vulnerability allows memory corruption when a user-space application makes concurrent memory mapping and unmapping requests. It affects systems u...

This vulnerability allows attackers to cause memory corruption through improper handling of IOCTL calls when setting modes. Successful exploitation co...

This vulnerability allows memory corruption in Qualcomm video processing components when a video session fails to open due to timeout errors. Attacker...

A Use After Free vulnerability in AzeoTech DAQFactory allows attackers to execute arbitrary code by tricking users into opening malicious .ctl files. ...

A use-after-free vulnerability in GRUB's gettext module allows attackers to invoke an orphaned command after module unloading, causing memory access t...

A use-after-free vulnerability in Autodesk 3ds Max allows malicious DWG files to cause crashes, data leaks, or arbitrary code execution when opened. T...

This CVE describes a use-after-free vulnerability in the Linux kernel's TLS implementation. When setsockopt() is called, get_netdev_for_sock() could a...

A use-after-free vulnerability in Substance3D Stager versions 3.1.5 and earlier allows attackers to execute arbitrary code when a user opens a malicio...

CVE-2025-61834 is a use-after-free vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious file. T...

This vulnerability is a use-after-free memory corruption flaw in Microsoft Office that allows an attacker to execute arbitrary code on a victim's syst...

A use-after-free vulnerability in Microsoft Office Word allows attackers to execute arbitrary code on a victim's system by tricking them into opening ...

CVE-2025-62199 is a use-after-free vulnerability in Microsoft Office that allows an attacker to execute arbitrary code on a victim's system by trickin...

This vulnerability is a use-after-free flaw in Microsoft Office Excel that allows an unauthorized attacker to execute arbitrary code on a victim's sys...

CVE-2025-60707 is a use-after-free vulnerability in Windows Multimedia Class Scheduler Service (MMCSS) that allows authenticated attackers to execute ...

Adobe InDesign versions 20.5, 19.5.5 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code when a us...

Adobe InCopy versions 20.5, 19.5.5 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code when a user...

A use-after-free vulnerability in Adobe InCopy allows arbitrary code execution when a user opens a malicious file. This affects users running vulnerab...

Adobe InDesign versions 20.5, 19.5.5 and earlier contain a use-after-free vulnerability that could allow arbitrary code execution when a user opens a ...

This vulnerability allows remote attackers to execute arbitrary code on Ashlar-Vellum Cobalt installations by tricking users into opening malicious CO...

A use-after-free vulnerability in GCC Productions Inc. Fade In 4.2.0's XML parser allows heap-based memory corruption when processing malicious .xml f...

Adobe Animate versions 23.0.13, 24.0.10 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code on a v...

CVE-2025-61802 is a use-after-free vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious file. T...

Adobe Framemaker versions 2020.9, 2022.7 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code when ...