CWE-416: Use After Free

A use-after-free vulnerability in the Linux kernel's core dump subsystem allows local users to crash the system by triggering a kernel panic. This aff...

A use-after-free vulnerability in Firefox's WebAssembly JavaScript component allows attackers to execute arbitrary code by manipulating freed memory. ...

This CVE describes a use-after-free vulnerability in libvpx (VP8/VP9 video codec library) in Google Chrome. A remote attacker could exploit this via a...

This vulnerability is a use-after-free memory corruption flaw in Chrome's V8 JavaScript engine that could allow an attacker to execute arbitrary code ...

This vulnerability in Envoy proxy allows a crash when both request and response phase rate limits are enabled with apply_on_stream_done configuration....

A heap use-after-free vulnerability in ImageMagick's MSL decoder allows attackers to trigger access to freed memory by crafting malicious MSL files. T...

CVE-2026-22040 is a heap memory corruption vulnerability in NanoMQ MQTT Broker that can be triggered by sending specific traffic patterns, causing the...

This CVE describes a heap-use-after-free vulnerability in ImageMagick's MSL (Magick Scripting Language) parser. Attackers can exploit this by crafting...

A Use After Free vulnerability in Arm GPU kernel drivers allows local non-privileged users to access freed memory through GPU operations. This affects...

CVE-2024-9979 is a use-after-free vulnerability in PyO3, a Rust binding for Python. This flaw allows attackers to potentially cause memory corruption ...

This vulnerability in GPAC's MP4Box tool is a use-after-free flaw in the xmt_node_end function that could allow local attackers to crash the applicati...

This vulnerability allows non-privileged software to make improper GPU system calls that trigger use-after-free kernel exceptions. It affects systems ...

An authenticated MongoDB user can trigger a use-after-free vulnerability by executing specific aggregation pipeline operations, causing server crashes...

A use-after-free vulnerability in Windows SMBv3 Client allows authenticated attackers to execute arbitrary code remotely over a network. This affects ...

A use-after-free vulnerability in Tanium's Cloud Workloads Enforce client extension could allow an attacker to execute arbitrary code or cause a denia...

This CVE describes a use-after-free vulnerability in the Linux kernel's NVMe subsystem when using native multipath. The race condition occurs when con...

A race condition in the Linux kernel's gadgetfs driver allows concurrent mounting and unmounting operations to cause a use-after-free vulnerability. T...

CVE-2024-43374 is a use-after-free vulnerability in Vim's argument list handling that can cause the editor to crash. It affects users running Vim vers...

This CVE describes a use-after-free vulnerability in the cjwindow module where a pointer is not properly cleared after memory is freed. Successful exp...

This CVE describes a use-after-free vulnerability in the device node access module of Huawei devices. Successful exploitation could cause service exce...

This CVE describes a use-after-free vulnerability in OpenHarmony v4.1.2 and earlier versions that allows a local attacker to cause a denial of service...

A use-after-free vulnerability in Zabbix's browser.c es_browser_get_variant function could allow memory corruption. This affects Zabbix installations ...

This CVE describes a use-after-free vulnerability in OpenHarmony v4.1.0 that allows a local attacker with high privileges to execute arbitrary code in...

This CVE addresses a missing RCU read-side critical section in the ath11k WiFi driver's packet logging (pktlog) handling in the Linux kernel. The vuln...

This CVE describes a use-after-free vulnerability in the Linux kernel's SMB client implementation. When multiple threads access session structures dur...

A use-after-free vulnerability in Apple's web content processing allows attackers to cause unexpected process crashes by tricking users into visiting ...

A use-after-free vulnerability in Apple Safari, iOS, and iPadOS allows processing malicious web content to cause unexpected crashes. This affects user...

A Use After Free vulnerability in Arm GPU drivers allows non-privileged user processes to access freed memory through GPU operations like WebGL or Web...

A use-after-free vulnerability in Apple operating systems allows parsing malicious files to cause unexpected application termination. This affects use...

A use-after-free vulnerability in Zoom Workplace Apps and SDKs allows authenticated users to cause denial of service through network access. This affe...

A use-after-free vulnerability in Zoom Workplace Apps and SDKs allows authenticated users to cause denial of service through network access. This affe...

A use-after-free vulnerability in Foxit PDF Reader's Doc object handling allows remote attackers to disclose sensitive information. Attackers can expl...

A use-after-free vulnerability in Apple's WebKit browser engine allows processing malicious web content to cause unexpected process crashes. This affe...

This CVE describes a use-after-free vulnerability in pda (likely a MediaTek component) that allows local privilege escalation. An attacker with System...

This CVE describes a use-after-free memory corruption vulnerability in apusys that could allow local privilege escalation. Attackers who already have ...

This CVE describes a use-after-free vulnerability in clkdbg that could allow local privilege escalation. An attacker who already has System privilege ...

This CVE describes a double-free vulnerability in Vim's dialog_changed() function that occurs when abandoning an unnamed modified buffer. The vulnerab...

A type confusion vulnerability in the camera module could allow attackers to cause denial of service conditions. This affects Huawei consumer devices ...

A use-after-free vulnerability in Chrome's V8 JavaScript engine allows attackers to potentially access out-of-bounds memory via malicious HTML pages. ...

This CVE describes a use-after-free vulnerability in FreeRDP's RDPSND audio channel. When exploited, it could allow remote code execution or denial of...

FreeRDP versions before 3.22.0 contain an out-of-bounds read vulnerability in the H.264 video encoding component. Attackers controlling a malicious RD...

FreeRDP versions before 3.22.0 contain a use-after-free vulnerability in the ecam_channel_write function. This occurs when a capture thread sends samp...

This CVE describes a use-after-free vulnerability in FreeRDP's SDL pointer handling that occurs when memory is freed twice on error conditions. Attack...

This CVE describes a use-after-free vulnerability in FreeRDP's URBDRC channel handling. When Asynchronous bulk transfer completions occur after channe...

This is a use-after-free vulnerability in FreeRDP's ainput_send_input_event function, where improper caching of a channel callback without synchroniza...

FreeRDP versions before 3.22.0 contain a use-after-free vulnerability where video_timer can send client notifications after the control channel is clo...

This CVE describes a use-after-free vulnerability in FreeRDP's USB device handling code. An attacker could exploit this to crash the FreeRDP client or...

This is a use-after-free vulnerability in FreeRDP's audio input handling that occurs during format renegotiation. An attacker could potentially exploi...

A use-after-free vulnerability in Schneider Electric's Rapsody software allows remote code execution when users import malicious SSD project files. Th...

A Heap-Use-After-Free vulnerability in NanoMQ's TCP transport component allows attackers to potentially crash the broker or execute arbitrary code by ...