CWE-416: Use After Free

Mbed TLS versions before 3.6.4 contain a use-after-free vulnerability in the mbedtls_x509_string_to_names() function. The function unexpectedly frees ...

This CVE describes a use-after-free vulnerability in Firefox's DOM Core & HTML components that could allow attackers to execute arbitrary code or caus...

This is a use-after-free vulnerability in Chrome's CSS engine that allows remote attackers to execute arbitrary code within the browser's sandbox by t...

This is a use-after-free vulnerability in Chrome's Ozone component that could allow heap corruption when users perform specific UI gestures on a malic...

This is a use-after-free vulnerability in Chrome's CSS engine that allows remote attackers to potentially exploit heap corruption. Attackers can trigg...

A use-after-free vulnerability in Firefox's Layout: Scrolling and Overflow component allows attackers to execute arbitrary code by tricking users into...

This CVE describes a use-after-free vulnerability in ANGLE (Almost Native Graphics Layer Engine) in Google Chrome that could allow heap corruption. At...

This vulnerability allows non-privileged users to exploit improper GPU resource management through system calls, potentially leading to use-after-free...

A use-after-free vulnerability in Firefox and Thunderbird's IPC component allows attackers to execute arbitrary code or cause denial of service. This ...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious SFD font files or visiting malicious web...

A use-after-free vulnerability in FontForge's SFD file parser allows remote attackers to execute arbitrary code when users open malicious SFD files or...

A use-after-free vulnerability in Apple's WebKit browser engine allows processing malicious web content to execute arbitrary code. This affects multip...

This vulnerability is a use-after-free flaw in Chrome's WebGPU implementation that allows remote attackers to potentially exploit heap corruption. Att...

This CVE describes a use-after-free vulnerability in Chrome's Media Stream component that could allow heap corruption. Attackers could exploit this vi...

This is a use-after-free vulnerability in Google Chrome's Digital Credentials feature that allows heap corruption. Attackers who compromise the render...

This CVE describes a use-after-free vulnerability in the WebRTC audio/video component of Mozilla products. It allows attackers to execute arbitrary co...

This is a use-after-free vulnerability in the Audio/Video component of Mozilla products that could allow an attacker to execute arbitrary code or caus...

This CVE describes a use-after-free vulnerability in the Ozone component of Google Chrome on Linux and ChromeOS. It allows a remote attacker to potent...

This is a use-after-free vulnerability in Chrome's storage component that allows remote code execution when processing malicious video files. Attacker...

A use-after-free vulnerability in Google Chrome's Safe Browsing feature allows attackers who have already compromised the renderer process to potentia...

A use-after-free vulnerability in Apple's WebKit browser engine allows memory corruption when processing malicious web content. This affects users of ...

This CVE describes a use-after-free vulnerability in QuickJS's object printing functions. When printing arrays, maps, or sets, attacker-defined callba...

This vulnerability is a use-after-free memory corruption flaw in Microsoft Remote Desktop Client that allows unauthorized attackers to execute arbitra...

A use-after-free vulnerability in WebRTC in Google Chrome allows remote attackers to potentially exploit heap corruption via a crafted HTML page. This...

This CVE describes a use-after-free vulnerability in Android's Chrome sandbox that allows local attackers to escape the sandbox and attack the system_...

This CVE describes a use-after-free vulnerability in Bluetooth SDP server code that allows remote code execution without user interaction. Attackers w...

This CVE describes a use-after-free vulnerability in Android's Bluetooth HFP (Hands-Free Profile) implementation that allows remote code execution wit...

This critical vulnerability in Google Chrome's ANGLE graphics engine allows attackers to execute arbitrary code or cause system crashes by exploiting ...

This is a use-after-free vulnerability in Chrome's Aura UI framework that could allow heap corruption. Attackers can exploit it by tricking users into...

This CVE describes a use-after-free vulnerability in Vim's tuple reference management when processing nested tuples in Vim script. An attacker could e...

A use-after-free vulnerability in Google Chrome's extension system allows remote attackers to potentially exploit heap corruption via a malicious Chro...

This use-after-free vulnerability in Chrome's Cast component allows attackers to potentially exploit heap corruption by tricking users into visiting m...

This is a use-after-free vulnerability in Chrome's Media Stream component that allows remote attackers to potentially exploit heap corruption. Attacke...

This CVE describes a use-after-free vulnerability in WebRTC within Google Chrome that could allow remote attackers to exploit heap corruption. Attacke...

CVE-2025-47986 is a use-after-free vulnerability in the Universal Print Management Service that allows authenticated attackers to execute arbitrary co...

This is a use-after-free vulnerability in Chrome's Metrics component that allows remote attackers to potentially exploit heap corruption. Attackers ca...

This is a use-after-free vulnerability in Chrome's Blink rendering engine that could allow remote attackers to execute arbitrary code or cause denial ...

This is a use-after-free vulnerability in Chrome's compositing engine that allows remote attackers to potentially exploit heap corruption. Attackers c...

This is a use-after-free vulnerability in Chrome's WebAudio component that allows remote attackers to potentially exploit heap corruption. Attackers c...

A use-after-free memory corruption vulnerability in Apple operating systems allows local network attackers to corrupt process memory. This affects mac...

This CVE describes a use-after-free vulnerability in Apple's WebKit browser engine that could allow arbitrary code execution when processing malicious...

A use-after-free vulnerability in Chrome's Site Isolation feature allows remote attackers to potentially exploit heap corruption via a crafted HTML pa...

This critical vulnerability in Google Chrome's Lens feature allows remote attackers to execute arbitrary code via heap corruption. Attackers can explo...

A use-after-free vulnerability in Chrome's Inspector component allows remote attackers to potentially exploit heap corruption via specially crafted HT...

A use-after-free vulnerability in Google Chrome's Profiles component allows attackers to potentially exploit heap corruption. This affects users who i...