CWE-416: Use After Free

A use-after-free vulnerability in Firefox's WebRTC audio input handling allows multiple threads to claim the same audio connection, potentially leadin...

CVE-2024-21334 is a use-after-free vulnerability in Open Management Infrastructure (OMI) that allows remote attackers to execute arbitrary code with r...

This vulnerability allows remote attackers to execute arbitrary code or cause denial of service via memory corruption when processing specially crafte...

This CVE describes a use-after-free vulnerability in Apache Xerces C++ XML parser versions 3.0.0 through 3.2.4. When processing external DTDs, the par...

This vulnerability in Ghostscript allows attackers to execute arbitrary code or cause denial of service by exploiting out-of-bounds write and use-afte...

A heap-use-after-free vulnerability in live555 media server allows attackers to execute arbitrary code or cause denial of service by sending specially...

This is a critical use-after-free vulnerability in Apple's WebKit browser engine that allows arbitrary code execution when processing malicious web co...

CVE-2024-22088 is a critical use-after-free vulnerability in Lotos WebServer that allows remote attackers to execute arbitrary code or cause denial of...

CVE-2023-46850 is a use-after-free vulnerability in OpenVPN that can lead to memory corruption, information disclosure, or remote code execution when ...

CVE-2023-38703 is a use-after-free vulnerability in PJSIP's SRTP implementation that occurs when higher-level media transport isn't properly synchroni...

This CVE describes a use-after-free vulnerability in Firefox's Ion Engine hashtable implementation. An attacker could exploit this to execute arbitrar...

This CVE describes a use-after-free vulnerability in Firefox/Thunderbird on Windows when run in non-standard configurations (like using 'runas'). If e...

A use-after-free vulnerability in Accusoft ImageGear's TIFF parsing functionality allows arbitrary code execution when processing specially crafted fi...

This CVE-2023-38598 is a use-after-free vulnerability in Apple operating systems that allows an application to execute arbitrary code with kernel priv...

CVE-2023-29824 is a use-after-free vulnerability in the Py_FindObjects() function in SciPy versions before 1.8.0. This could potentially allow attacke...

This is a critical use-after-free vulnerability in Apple operating systems that allows remote attackers to cause application crashes or execute arbitr...

This is a critical use-after-free vulnerability in macOS that allows remote attackers to cause application crashes or execute arbitrary code on affect...

This is a critical use-after-free vulnerability in Android's attribution processor that allows remote code execution without user interaction. Attacke...

CVE-2023-23392 is a critical remote code execution vulnerability in the Windows HTTP Protocol Stack (http.sys) that allows unauthenticated attackers t...

This critical vulnerability in PMB v7.4.6 allows attackers to upload malicious image files through the camera_upload.php component, leading to arbitra...

CVE-2021-33391 is a use-after-free vulnerability in HTACG HTML Tidy that allows attackers to execute arbitrary code via the -g option in the CleanNode...

This vulnerability in Arm Mali GPU Kernel Driver allows attackers to trigger a use-after-free condition through improper GPU operations, potentially l...

This vulnerability in Arm Mali GPU kernel drivers allows improper GPU memory operations to reach a use-after-free situation. Attackers can exploit thi...

CVE-2022-1795 is a use-after-free vulnerability in GPAC multimedia framework that allows attackers to execute arbitrary code or cause denial of servic...

CVE-2022-29794 is a Use After Free vulnerability in the frame scheduling module of Huawei HarmonyOS and EMUI devices. This vulnerability allows attack...

CVE-2022-1212 is a use-after-free vulnerability in mruby's str_escape function that could allow attackers to execute arbitrary code. This affects appl...

CVE-2022-22641 is a use-after-free vulnerability in Apple operating systems that allows malicious applications to gain elevated privileges. This affec...

This is a use-after-free vulnerability in radare2, a popular reverse engineering framework. Attackers can exploit this to execute arbitrary code or ca...

CVE-2022-0139 is a use-after-free vulnerability in radare2, a popular reverse engineering framework. This allows attackers to execute arbitrary code o...

This vulnerability in the tremor-script Rust crate allows use-after-free memory corruption when performing patch operations. Attackers could exploit t...

This CVE describes a use-after-free vulnerability in Huawei smartphones that allows attackers to execute arbitrary kernel-mode code. Successful exploi...

CVE-2021-22930 is a use-after-free vulnerability in Node.js that allows memory corruption attacks. An attacker could exploit this to execute arbitrary...

This critical vulnerability in Qualcomm Snapdragon chipsets allows remote code execution due to a use-after-free memory corruption flaw in Wi-Fi P2P (...

This is a use-after-free vulnerability in Apple's iOS, iPadOS, watchOS, and tvOS that allows an attacker with JavaScript execution capability to poten...

CVE-2021-38383 is a use-after-free vulnerability in OwnTone's net_bind() function that allows attackers to execute arbitrary code or cause denial of s...

This is a critical use-after-free vulnerability (CWE-416) in Huawei smartphones that allows attackers to execute arbitrary code. Successful exploitati...

This is a critical use-after-free vulnerability in Synology DiskStation Manager's file transfer protocol component that allows remote attackers to exe...

This CVE describes a use-after-free vulnerability in the Hermes JavaScript engine that could allow attackers to execute arbitrary code by crafting mal...

This is a critical heap-use-after-free vulnerability in JerryScript's string handling that allows memory corruption. Attackers can exploit this to exe...

CVE-2021-30474 is a use-after-free vulnerability in libaom's grain_table.c that allows memory corruption. Attackers can exploit this to execute arbitr...

This CVE describes a use-after-free vulnerability in the GNU C Library (glibc) mq_notify function affecting versions 2.32 and 2.33. Attackers could ex...

CVE-2020-36329 is a use-after-free vulnerability in libwebp that allows attackers to execute arbitrary code or cause denial of service. This affects a...

CVE-2021-31166 is a critical remote code execution vulnerability in the Microsoft HTTP Protocol Stack (http.sys) that allows unauthenticated attackers...

This CVE-2021-20231 is a critical use-after-free vulnerability in GnuTLS that occurs when a client sends a key_share extension, potentially leading to...

CVE-2020-1900 is a use-after-free vulnerability in HHVM's object unserialization that occurs when dynamic properties are not properly pre-reserved in ...

This is a use-after-free vulnerability in Qualcomm Snapdragon chipsets that allows attackers to execute arbitrary code or cause denial of service. It ...

This vulnerability is a use-after-free flaw in LG mobile devices' USB laf gadget driver that could allow local attackers to execute arbitrary code wit...

This is a use-after-free vulnerability in Firefox's WebGL implementation where IPC actors can outlive their managers, leading to memory corruption. At...

This vulnerability in the Rio crate for Rust allows attackers to leak structs, potentially exposing sensitive information, causing use-after-free cond...

CVE-2020-35870 is a use-after-free vulnerability in the rusqlite crate for Rust that allows memory corruption through the Auxdata API. This can lead t...