CWE-416— Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.— MITRE CWE catalog
7,393 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-416page 89 of 148
- CVE-2024-2410HIGHCVSS 7.6EG 7.62024-05-03
The JsonToBinaryStream() function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. If the input is broken up into separate chunks in a certain way, the parser will attempt to read bytes from a ch…
- CVE-2024-24189CRITICALCVSS 9.8EG 9.82024-02-07
Jsish v3.5.0 (commit 42c694c) was discovered to contain a use-after-free via the SplitChar at ./src/jsiUtils.c.
- CVE-2024-24260HIGHCVSS 7.5EG 7.52024-02-05
media-server v1.0.0 was discovered to contain a Use-After-Free (UAF) vulnerability via the sip_subscribe_remove function at /uac/sip-uac-subscribe.c.
- CVE-2024-24262HIGHCVSS 7.5EG 7.52024-02-05
media-server v1.0.0 was discovered to contain a Use-After-Free (UAF) vulnerability via the sip_uac_stop_timer function at /uac/sip-uac-transaction.c.
- CVE-2024-24263HIGHCVSS 7.5EG 7.52024-02-05
Lotos WebServer v0.1.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the response_append_status_line function at /lotos/src/response.c.
- CVE-2024-24266HIGHCVSS 7.5EG 7.52024-02-05
gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at /src/filters/dasher.c.
- CVE-2024-24793HIGHCVSS 8.1EG 8.12024-02-20
A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data Commons libdicom 1.0.5. A specially crafted DICOM file can cause premature freeing of memory that is used later. To trigger this vulnerabilit…
- CVE-2024-24794HIGHCVSS 8.1EG 8.12024-02-20
A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data Commons libdicom 1.0.5. A specially crafted DICOM file can cause premature freeing of memory that is used later. To trigger this vulnerabilit…
- CVE-2024-24990HIGHCVSS 7.5EG 7.52024-02-14
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more…
- CVE-2024-25062HIGHCVSS 7.5EG 7.52024-02-04
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-af…
- CVE-2024-25110CRITICALCVSS 9.8EG 9.82024-02-12
The UAMQP is a general purpose C library for AMQP 1.0. During a call to open_get_offered_capabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a rem…
- CVE-2024-25198CRITICALCVSS 9.1EG 9.12024-02-20
Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.
- CVE-2024-25199HIGHCVSS 8.1EG 8.12024-02-20
Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.
- CVE-2024-25385MEDIUMCVSS 6.2EG 6.22024-02-22
An issue in flvmeta v.1.2.2 allows a local attacker to cause a denial of service via the flvmeta/src/flv.c:375:21 function in flv_close.
- CVE-2024-25443HIGHCVSS 7.8EG 7.82024-02-09
An issue in the HuginBase::ImageVariable<double>::linkWith function of Hugin v2022.0.0 allows attackers to cause a heap-use-after-free via parsing a crafted image.
- CVE-2024-25648HIGHCVSS 8.8EG 8.82024-04-30
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to m…
- CVE-2024-25763MEDIUMCVSS 5.5EG 5.52024-02-26
openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c.
- CVE-2024-25767MEDIUMCVSS 6.5EG 6.52024-02-26
nanomq 0.21.2 contains a Use-After-Free vulnerability in /nanomq/nng/src/core/socket.c.
- CVE-2024-25938HIGHCVSS 8.8EG 8.82024-04-30
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to me…
- CVE-2024-25985HIGHCVSS 8.4EG 8.42024-03-11
In bigo_unlocked_ioctl of bigo.c, there is a possible UAF due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2024-2612HIGHCVSS 8.1EG 8.12024-03-19
If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Th…
- CVE-2024-26182HIGHCVSS 7.8EG 7.82024-03-12
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2024-26186HIGHCVSS 8.8EG 8.82024-09-10
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
- CVE-2024-26221HIGHCVSS 7.2EG 7.22024-04-09
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2024-26222HIGHCVSS 7.2EG 7.22024-04-09
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2024-26223HIGHCVSS 7.2EG 7.22024-04-09
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2024-26224HIGHCVSS 7.2EG 7.22024-04-09
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2024-26227HIGHCVSS 7.2EG 7.22024-04-09
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2024-26230HIGHCVSS 7.8EG 7.82024-04-09
Windows Telephony Server Elevation of Privilege Vulnerability
- CVE-2024-26231HIGHCVSS 7.2EG 7.22024-04-09
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2024-26233HIGHCVSS 7.2EG 7.22024-04-09
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2024-26237HIGHCVSS 7.8EG 7.82024-04-09
Windows Defender Credential Guard Elevation of Privilege Vulnerability
- CVE-2024-26241HIGHCVSS 7.8EG 7.82024-04-09
Win32k Elevation of Privilege Vulnerability
- CVE-2024-2627HIGHCVSS 8.8EG 8.82024-03-20
Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2024-26333MEDIUMCVSS 5.5EG 5.52024-03-05
swftools v0.9.2 was discovered to contain a segmentation violation via the function free_lines at swftools/lib/modules/swfshape.c.
- CVE-2024-26455HIGHCVSS 7.5EG 7.52024-02-26
fluent-bit 2.2.2 contains a Use-After-Free vulnerability in /fluent-bit/plugins/custom_calyptia/calyptia.c.
- CVE-2024-26581HIGHCVSS 7.8EG 7.82024-02-20
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions…
- CVE-2024-26582HIGHCVSS 7.8EG 7.82024-02-21
In the Linux kernel, the following vulnerability has been resolved: net: tls: fix use-after-free with partial reads and async decrypt tls_decrypt_sg doesn't take a reference on the pages from clear_skb, so the put_page() in tls_decrypt_d…
- CVE-2024-26592HIGHCVSS 7.8EG 7.82024-02-22
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbd_tcp_new_connection() The race is between the handling of a new TCP connection and its disconnection. It leads to UAF on `struct tcp_transpo…
- CVE-2024-26598HIGHCVSS 7.8EG 7.82024-02-23
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation…
- CVE-2024-26616HIGHCVSS 7.8EG 7.82024-03-11
In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned [BUG] There is a bug report that, on a ext4-converted btrfs, scrub leads to various problems, inc…
- CVE-2024-26619HIGHCVSS 7.8EG 7.82024-03-11
In the Linux kernel, the following vulnerability has been resolved: riscv: Fix module loading free order Reverse order of kfree calls to resolve use-after-free error.
- CVE-2024-26622HIGHCVSS 7.8EG 7.82024-03-04
In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested, we need to fetch head->…
- CVE-2024-26625HIGHCVSS 7.8EG 7.82024-03-06
In the Linux kernel, the following vulnerability has been resolved: llc: call sock_orphan() at release time syzbot reported an interesting trace [1] caused by a stale sk->sk_wq pointer in a closed llc socket. In commit ff7b11aa481f ("ne…
- CVE-2024-26630HIGHCVSS 7.1EG 7.12024-03-13
In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty…
- CVE-2024-26654HIGHCVSS 7.0EG 7.02024-04-01
In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the spu_dma_work could also arm the dreamcastca…
- CVE-2024-26656MEDIUMCVSS 5.5EG 5.52024-04-02
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver on any ASICs with an invalid address an…
- CVE-2024-26680MEDIUMCVSS 5.5EG 5.52024-04-02
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc() maps extra AQ_CFG_RXDS_DEF bytes for PTP HWTS ring but then generic aq_ring_free() does…
- CVE-2024-26689HIGHCVSS 7.8EG 7.82024-04-03
In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), "use after free" error was caught by KASAN at this line - 'ceph_buffer_get(arg->…
- CVE-2024-26724HIGHCVSS 7.8EG 7.82024-04-03
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers I managed to hit following use after free warning recently: [ 2169.711665] ===============…
Map vulnerabilities like CWE-416 to your infrastructure
EchelonGraph correlates every CVE — across CWE-416 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →