CWE-416— Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.— MITRE CWE catalog
7,235 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-416page 2 of 145
- CVE-2011-1301NONECVSS 0.0EG 0.02011-04-15
Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
- CVE-2011-1440NONECVSS 0.0EG 0.02011-05-03
Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token …
- CVE-2011-1449NONECVSS 0.0EG 0.02011-05-03
Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1454NONECVSS 0.0EG 0.02011-05-03
Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.
- CVE-2011-1808NONECVSS 0.0EG 0.02011-06-09
Use-after-free vulnerability in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to incorrect integer calculations during float handling.
- CVE-2011-1809NONECVSS 0.0EG 0.02011-06-09
Use-after-free vulnerability in the accessibility feature in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1816NONECVSS 0.0EG 0.02011-06-09
Use-after-free vulnerability in the developer tools in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1818NONECVSS 0.0EG 0.02011-06-09
Use-after-free vulnerability in the image loader in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1874HIGHCVSS 7.8EG 7.82011-07-13
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows…
- CVE-2011-2334MEDIUMCVSS 6.5EG 6.52019-11-12
Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections.
- CVE-2011-2346NONECVSS 0.0EG 0.02011-06-29
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts.
- CVE-2011-2349NONECVSS 0.0EG 0.02011-06-29
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text selection.
- CVE-2011-2351NONECVSS 0.0EG 0.02011-06-29
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.
- CVE-2011-2353MEDIUMCVSS 6.5EG 6.52019-11-07
Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function.
- CVE-2011-2789NONECVSS 0.0EG 0.02011-08-03
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to instantiation of the Pepper plug-in.
- CVE-2011-2790NONECVSS 0.0EG 0.02011-08-03
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles.
- CVE-2011-2792NONECVSS 0.0EG 0.02011-08-03
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal.
- CVE-2011-2793NONECVSS 0.0EG 0.02011-08-03
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors.
- CVE-2011-2796NONECVSS 0.0EG 0.02011-08-03
Use-after-free vulnerability in Skia, as used in Google Chrome before 13.0.782.107, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-2797NONECVSS 0.0EG 0.02011-08-03
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.
- CVE-2011-2799NONECVSS 0.0EG 0.02011-08-03
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling.
- CVE-2011-2801NONECVSS 0.0EG 0.02011-08-03
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the frame loader.
- CVE-2011-2818NONECVSS 0.0EG 0.02011-08-03
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.
- CVE-2011-2823NONECVSS 0.0EG 0.02011-08-29
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box.
- CVE-2011-2824NONECVSS 0.0EG 0.02011-08-29
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes.
- CVE-2011-2825NONECVSS 0.0EG 0.02011-08-29
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.
- CVE-2011-2827NONECVSS 0.0EG 0.02011-08-29
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching.
- CVE-2011-2846NONECVSS 0.0EG 0.02011-09-19
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.
- CVE-2011-2847NONECVSS 0.0EG 0.02011-09-19
Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
- CVE-2011-2853NONECVSS 0.0EG 0.02011-09-19
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.
- CVE-2011-2854NONECVSS 0.0EG 0.02011-09-19
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing."
- CVE-2011-2857NONECVSS 0.0EG 0.02011-09-19
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.
- CVE-2011-2860NONECVSS 0.0EG 0.02011-09-19
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.
- CVE-2011-2876NONECVSS 0.0EG 0.02011-10-04
Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box.
- CVE-2011-2880NONECVSS 0.0EG 0.02011-10-04
Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings.
- CVE-2011-3016NONECVSS 0.0EG 0.02012-02-16
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue.
- CVE-2011-3017NONECVSS 0.0EG 0.02012-02-16
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling.
- CVE-2011-3021NONECVSS 0.0EG 0.02012-02-16
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.
- CVE-2011-3023NONECVSS 0.0EG 0.02012-02-16
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations.
- CVE-2011-3031NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3032NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.
- CVE-2011-3034NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document.
- CVE-2011-3035NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.
- CVE-2011-3038NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling.
- CVE-2011-3039NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling.
- CVE-2011-3041NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes.
- CVE-2011-3042NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections.
- CVE-2011-3043NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floa…
- CVE-2011-3044NONECVSS 0.0EG 0.02012-03-05
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements.
- CVE-2011-3050NONECVSS 0.0EG 0.02012-03-22
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :…
Map vulnerabilities like CWE-416 to your infrastructure
EchelonGraph correlates every CVE — across CWE-416 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →