CWE-416— Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.— MITRE CWE catalog
7,395 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-416page 91 of 148
- CVE-2024-27530HIGHCVSS 8.4EG 8.42024-11-08
wasm3 139076a contains a Use-After-Free in ForEachModule.
- CVE-2024-27929HIGHCVSS 7.1EG 7.12024-03-05
ImageSharp is a managed, cross-platform, 2D graphics library. A heap-use-after-free flaw was found in ImageSharp's InitializeImage() function of PngDecoderCore.cs file. This vulnerability is triggered when an attacker passes a specially cr…
- CVE-2024-27934HIGHCVSS 8.4EG 8.42024-03-21
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.36.2 and prior to version 1.40.3, use of inherently unsafe `*const c_void` and `ExternalPointer` leads to use-after-free access of the underlying structure, r…
- CVE-2024-27975HIGHCVSS 8.8EG 8.82024-04-19
An Use-after-free vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
- CVE-2024-2883HIGHCVSS 8.8EG 7.52024-03-26
Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
- CVE-2024-2885HIGHCVSS 8.8EG 7.52024-03-26
Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2024-2886HIGHCVSS 7.5EG 7.52024-03-26
Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
- CVE-2024-28888HIGHCVSS 8.8EG 8.82024-10-02
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory cor…
- CVE-2024-28951MEDIUMCVSS 5.5EG 5.52024-04-02
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.
- CVE-2024-29043HIGHCVSS 8.8EG 8.82024-04-09
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
- CVE-2024-2937HIGHCVSS 7.8EG 7.82024-08-05
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations t…
- CVE-2024-29787HIGHCVSS 7.8EG 7.42024-06-13
In lwis_process_transactions_in_queue of lwis_transaction.c, there is a possible use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n…
- CVE-2024-30006HIGHCVSS 8.8EG 8.82024-05-14
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
- CVE-2024-30028HIGHCVSS 7.8EG 7.82024-05-14
Win32k Elevation of Privilege Vulnerability
- CVE-2024-30031HIGHCVSS 7.8EG 7.82024-05-14
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
- CVE-2024-30032HIGHCVSS 7.8EG 7.82024-05-14
Windows DWM Core Library Elevation of Privilege Vulnerability
- CVE-2024-30035HIGHCVSS 7.8EG 7.82024-05-14
Windows DWM Core Library Elevation of Privilege Vulnerability
- CVE-2024-30049HIGHCVSS 7.8EG 7.82024-05-14
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
- CVE-2024-30062HIGHCVSS 7.8EG 7.82024-06-11
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
- CVE-2024-30080CRITICALCVSS 9.8EG 9.82024-06-11
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
- CVE-2024-30082HIGHCVSS 7.8EG 7.82024-06-11
Win32k Elevation of Privilege Vulnerability
- CVE-2024-30086HIGHCVSS 7.8EG 7.82024-06-11
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
- CVE-2024-30089HIGHCVSS 7.8EG 7.82024-06-11
Microsoft Streaming Service Elevation of Privilege Vulnerability
- CVE-2024-30101HIGHCVSS 7.5EG 7.52024-06-11
Microsoft Office Remote Code Execution Vulnerability
- CVE-2024-30102HIGHCVSS 7.3EG 7.32024-06-11
Microsoft Office Remote Code Execution Vulnerability
- CVE-2024-30161MEDIUMCVSS 6.5EG 6.52024-03-24
In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). (Earlier and later versions are unaffected.)
- CVE-2024-30275HIGHCVSS 7.8EG 7.82024-05-16
Adobe Aero Desktop versions 23.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi…
- CVE-2024-30284HIGHCVSS 7.8EG 7.82024-05-15
Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2024-30301HIGHCVSS 7.8EG 7.82024-05-02
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2024-30302MEDIUMCVSS 5.5EG 5.52024-05-02
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as AS…
- CVE-2024-30303HIGHCVSS 7.8EG 7.82024-05-02
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2024-30304HIGHCVSS 7.8EG 7.82024-05-02
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2024-30305HIGHCVSS 7.8EG 7.82024-05-02
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2024-30322HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this …
- CVE-2024-30324HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit thi…
- CVE-2024-30325HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this …
- CVE-2024-30326HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit thi…
- CVE-2024-30327HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this …
- CVE-2024-30328HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this …
- CVE-2024-30329LOWCVSS 3.3EG 3.32024-04-03
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to ex…
- CVE-2024-30330HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this …
- CVE-2024-30331HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this …
- CVE-2024-30332HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit thi…
- CVE-2024-30333HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit thi…
- CVE-2024-30334HIGHCVSS 7.8EG 7.82024-04-03
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit thi…
- CVE-2024-30336HIGHCVSS 7.8EG 7.82024-04-02
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this …
- CVE-2024-30337HIGHCVSS 7.8EG 7.82024-04-02
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this …
- CVE-2024-30338HIGHCVSS 7.8EG 7.82024-04-02
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit thi…
- CVE-2024-30339HIGHCVSS 7.8EG 7.82024-04-02
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this …
- CVE-2024-30342HIGHCVSS 7.8EG 7.82024-04-02
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit thi…
Map vulnerabilities like CWE-416 to your infrastructure
EchelonGraph correlates every CVE — across CWE-416 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →