CWE-416: Use After Free

This CVE describes a use-after-free vulnerability in Adobe Acrobat Reader that could allow arbitrary code execution when a user opens a malicious PDF ...

CVE-2023-48011 is a heap-use-after-free vulnerability in GPAC's movie_fragments.c that allows attackers to execute arbitrary code or cause denial of s...

CVE-2023-21381 is a use-after-free vulnerability in Android's Media Resource Manager that allows local arbitrary code execution. This enables local pr...

CVE-2023-21355 is a use-after-free vulnerability in Android's libaudioclient library that allows local privilege escalation without user interaction. ...

This CVE describes a use-after-free vulnerability in Android's InputDevice component that allows local privilege escalation without user interaction. ...

This CVE describes a use-after-free vulnerability in macOS that allows an application to execute arbitrary code with kernel privileges. Attackers coul...

This is a use-after-free vulnerability in Ichitaro 2023's Figure stream parser that allows arbitrary code execution when a user opens a malicious docu...

This CVE describes a use-after-free vulnerability in the Linux kernel's ext4 filesystem driver, specifically in the extents status handling code. Atta...

This CVE describes a use-after-free vulnerability in the Linux kernel's SMB client component that allows local attackers to escalate privileges. The f...

This CVE describes a use-after-free vulnerability in the Linux kernel's netfilter nf_tables component. It allows local attackers to escalate privilege...

This CVE describes a use-after-free vulnerability in Apple's iOS, iPadOS, and macOS that allows a malicious app to execute arbitrary code with kernel ...

This CVE-2023-41071 is a use-after-free vulnerability in Apple operating systems that allows an app to execute arbitrary code with kernel privileges. ...

This CVE describes a use-after-free vulnerability in the Linux kernel's qfq scheduler component that allows local attackers to escalate privileges. Th...

This Windows Graphics Device Interface (GDI) vulnerability allows an attacker to execute arbitrary code with elevated privileges. It affects Windows s...

This Windows GDI vulnerability allows local attackers to escalate privileges on affected systems. An authenticated attacker could exploit this to gain...

This vulnerability in Microsoft Streaming Service Proxy allows attackers to escalate privileges on affected Windows systems. An authenticated attacker...

CVE-2023-36760 is a use-after-free vulnerability in Microsoft 3D Viewer that allows remote code execution when a user opens a specially crafted malici...

This CVE describes a use-after-free vulnerability in Siemens JT2Go, Teamcenter Visualization, and Tecnomatix Plant Simulation software. Attackers can ...

Adobe InCopy versions 17.1 and earlier (and 16.4.1 and earlier) contain a use-after-free vulnerability that could allow attackers to execute arbitrary...

This CVE describes a use-after-free vulnerability in Adobe Acrobat Reader that could allow an attacker to execute arbitrary code on a victim's system....

This CVE describes a use-after-free vulnerability in Adobe Illustrator that could allow an attacker to execute arbitrary code on a victim's system. Th...

This CVE describes a use-after-free vulnerability in the Linux kernel's af_unix component that allows local attackers to escalate privileges. The race...

This CVE describes a use-after-free vulnerability in the Linux kernel's net/sched: cls_route component that allows local attackers to escalate privile...

This CVE describes a use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 traffic control subsystem. It allows a local attacker to es...

This CVE describes a use-after-free vulnerability in the Linux kernel's netfilter nf_tables component. It allows a local attacker to escalate privileg...

This CVE describes a use-after-free vulnerability in Adobe Acrobat Reader DC that allows arbitrary code execution when a user opens a malicious PDF fi...

CVE-2023-4750 is a use-after-free vulnerability in Vim text editor that could allow an attacker to execute arbitrary code by tricking a user into open...

CVE-2020-21722 is a buffer overflow vulnerability in oggvideotools 0.9.1 that allows remote attackers to execute arbitrary code by tricking users into...

CVE-2020-19725 is a use-after-free vulnerability in Z3 theorem prover that occurs during constraint simplification in pdd_simplifier.cpp. This vulnera...

Adobe Dimension 3.4.9 contains a use-after-free vulnerability that could allow an attacker to execute arbitrary code on a victim's system when they op...

CVE-2023-36895 is a use-after-free vulnerability in Microsoft Outlook that allows remote code execution when processing specially crafted email messag...

This is a Windows kernel use-after-free vulnerability that allows local attackers to gain SYSTEM privileges. It affects Windows systems where an authe...

This Windows kernel vulnerability allows an authenticated attacker to execute arbitrary code with elevated SYSTEM privileges. It affects Windows opera...

A use-after-free vulnerability in Solid Edge SE2023 allows attackers to execute arbitrary code by tricking users into opening malicious DWG files. Thi...

A use-after-free vulnerability in Siemens JT2Go, Solid Edge, and Teamcenter Visualization applications allows remote code execution when parsing malic...

A use-after-free vulnerability in Omron CX-Programmer versions 9.79 and earlier allows attackers to cause information disclosure or execute arbitrary ...

A use-after-free vulnerability in Omron CX-Programmer versions 9.79 and earlier allows attackers to cause information disclosure or arbitrary code exe...

This is a use-after-free vulnerability in Apple operating systems that allows an application to execute arbitrary code with kernel privileges. It affe...

This CVE describes a use-after-free vulnerability in Apple operating systems that allows an application to execute arbitrary code with kernel privileg...

This CVE describes a use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component that allows local privilege escalation. Attackers...

A use-after-free vulnerability in SOLIDWORKS Desktop allows attackers to execute arbitrary code when users open malicious SLDPRT files. This affects S...

This vulnerability allows remote code execution through the Windows Online Certificate Status Protocol (OCSP) SnapIn component. Attackers can exploit ...

This vulnerability allows remote code execution through specially crafted Office documents containing malicious graphics. Attackers can exploit this b...

This vulnerability allows an attacker to gain SYSTEM-level privileges on Windows systems by exploiting a use-after-free bug in the Win32k driver. It a...

This Linux kernel vulnerability allows attackers to exploit incorrect lock handling in virtual memory area management, leading to use-after-free condi...

This CVE-2023-31248 is a use-after-free vulnerability in the Linux kernel's nftables subsystem that allows local attackers to escalate privileges. The...

A use-after-free vulnerability in the Linux kernel's netfilter subsystem allows local attackers with user access to escalate privileges. The flaw occu...

This CVE describes a use-after-free vulnerability in the Android kernel's I2C device driver that allows local privilege escalation without user intera...

A use-after-free vulnerability in Autodesk Navisworks allows malicious SKP files to trigger memory corruption, potentially leading to arbitrary code e...

CVE-2023-28287 is a use-after-free vulnerability in Microsoft Publisher that allows remote code execution when a user opens a specially crafted Publis...