CWE-416: Use After Free

A use-after-free vulnerability in Intel PROSet/Wireless WiFi Software for Windows allows an unauthenticated attacker on the same network to potentiall...

A use-after-free vulnerability in Intel PROSet/Wireless WiFi and Killer WiFi software for Windows allows an unauthenticated attacker on the same netwo...

This CVE describes a use-after-free vulnerability in the Linux kernel's TCP Authentication Option (TCP-AO) implementation. Attackers could potentially...

A Use After Free vulnerability in Arm Mali GPU kernel drivers allows a local non-privileged user to perform improper GPU memory operations. On Armv8.0...

This CVE describes a use-after-free vulnerability in the Linux kernel's rtl8xxxu WiFi driver. When the driver is stopped, a workqueue might still be r...

This CVE describes a use-after-free vulnerability in the Linux kernel's SCSI subsystem. When removing a SCSI host, the .exit_cmd_priv callback could a...

This vulnerability involves a use-after-free flaw in Microsoft Graphics Component that allows an authenticated attacker to execute arbitrary code with...

A use-after-free vulnerability in Windows BitLocker allows authenticated attackers to execute arbitrary code with elevated privileges on affected syst...

A use-after-free vulnerability in Windows Media allows authenticated attackers to execute arbitrary code with elevated privileges on affected systems....

CVE-2024-30102 is a use-after-free vulnerability (CWE-416) in Microsoft Office that allows remote code execution when a user opens a specially crafted...

This vulnerability allows remote code execution in .NET, .NET Framework, and Visual Studio through a use-after-free memory corruption issue (CWE-416)....

This Windows kernel vulnerability allows an authenticated attacker to execute arbitrary code with elevated SYSTEM privileges. It affects Windows syste...

This vulnerability in Microsoft Edge (Chromium-based) allows attackers to execute arbitrary code on a user's system by tricking them into visiting a m...

This vulnerability in Microsoft Message Queuing (MSMQ) allows remote attackers to execute arbitrary code on affected systems by sending specially craf...

This CVE describes a use-after-free vulnerability in FreeRDP's H.264 video codec implementation that could allow remote code execution or denial of se...

This CVE describes a use-after-free vulnerability in Adobe Acrobat Reader DC that allows authenticated attackers to execute arbitrary code when a vict...

This vulnerability in the Rocket web framework for Rust allows use-after-free memory corruption when user-provided functions panic during URI formatti...

CVE-2024-26231 is a use-after-free vulnerability in Windows DNS Server that allows remote attackers to execute arbitrary code with SYSTEM privileges. ...

CVE-2024-26233 is a use-after-free vulnerability in Windows DNS Server that allows remote attackers to execute arbitrary code with SYSTEM privileges. ...

CVE-2024-26227 is a use-after-free vulnerability in Windows DNS Server that allows remote attackers to execute arbitrary code with SYSTEM privileges. ...

CVE-2024-26221 is a use-after-free vulnerability (CWE-416) in Windows DNS Server that allows remote attackers to execute arbitrary code with SYSTEM pr...

CVE-2024-26223 is a use-after-free vulnerability in Windows DNS Server that allows remote attackers to execute arbitrary code with SYSTEM privileges. ...

CVE-2021-42383 is a use-after-free vulnerability in BusyBox's awk applet that can be triggered by processing a specially crafted awk pattern. This vul...

CVE-2021-42385 is a use-after-free vulnerability in BusyBox's awk applet that can be triggered by processing a specially crafted awk pattern. This vul...

CVE-2021-42379 is a use-after-free vulnerability in BusyBox's awk applet that can be triggered by processing a specially crafted awk pattern. This cou...

A use-after-free vulnerability in BusyBox's awk applet allows attackers to cause denial of service or potentially execute arbitrary code by providing ...

A use-after-free vulnerability in Juniper's 802.1X authentication daemon (dot1xd) allows authenticated, network-adjacent attackers to crash the daemon...

This vulnerability allows a denial-of-service condition in Qualcomm hardware when multiple profiles run concurrently with QHS (Qualcomm High-Speed) en...

This CVE describes a use-after-free vulnerability in the Canvas2D graphics component of Mozilla products, allowing sandbox escape. Attackers could exp...

CVE-2025-48821 is a use-after-free vulnerability in Windows Universal Plug and Play (UPnP) Device Host that allows an authenticated attacker on the sa...

This vulnerability allows remote attackers to execute arbitrary code on affected systems by sending specially crafted DHCP packets to the DHCP client ...

This CVE describes a use-after-free vulnerability in the Linux kernel's cachestat functionality. Attackers could potentially exploit this to cause ker...

This CVE describes a use-after-free vulnerability in the Linux kernel's ksmbd SMB server module. An attacker could exploit this to cause denial of ser...

CVE-2024-23839 is a heap use-after-free vulnerability in Suricata's HTTP header parsing. Attackers can cause memory corruption and potential code exec...

This vulnerability allows an attacker to trigger an out-of-bounds memory read in the KSMBD (in-kernel Samba server) and CIFS components of the Linux k...

This vulnerability in Microsoft Edge allows attackers to gain elevated privileges on affected systems by exploiting a use-after-free memory corruption...

This CVE describes a use-after-free vulnerability in the Linux kernel's virtual console screen driver (vc_screen). An attacker with local user access ...

A use-after-free vulnerability in the Linux kernel's r592 memory stick host driver allows local attackers to crash the system during device disconnect...

This CVE describes a use-after-free vulnerability in the ext4 filesystem that affects Apptainer container platform. It allows attackers to potentially...

A use-after-free vulnerability in the Linux kernel's virtio network driver allows local attackers to crash the system or potentially leak kernel memor...

A use-after-free vulnerability in the NFS server implementation in the Linux kernel allows a local attacker to crash the system or potentially leak ke...

A use-after-free vulnerability in the Linux kernel's Bluetooth subsystem allows local attackers to crash the system or potentially escalate privileges...

This is a use-after-free vulnerability in Apple's iOS/iPadOS Mail application that could allow an attacker to execute arbitrary code or crash the appl...

This vulnerability is a use-after-free flaw in the Windows Ancillary Function Driver for WinSock that allows an authenticated attacker to escalate pri...

This CVE describes a use-after-free vulnerability in Windows Hyper-V that allows an authenticated attacker to escalate privileges on the local system....

CVE-2026-24285 is a use-after-free vulnerability in Windows Win32K that allows an authenticated attacker to escalate privileges on a local system. Thi...

A Use After Free vulnerability in Apache Arrow C++ allows memory corruption when reading Arrow IPC files with pre-buffering enabled. This affects C++ ...

This vulnerability involves a use-after-free flaw in the Windows Mailslot File System that allows an authenticated attacker to execute arbitrary code ...

This vulnerability is a use-after-free flaw in Windows Ancillary Function Driver for WinSock that allows an authenticated attacker to execute arbitrar...

This CVE describes a use-after-free vulnerability in Inbox COM Objects that allows an unauthorized attacker to execute arbitrary code locally on affec...