CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-4XRM-7FMV-6PVG
Vulnerability from github – Published: 2022-05-17 03:29 – Updated: 2025-04-12 12:56Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.
{
"affected": [],
"aliases": [
"CVE-2016-0975"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-02-10T20:59:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984.",
"id": "GHSA-4xrm-7fmv-6pvg",
"modified": "2025-04-12T12:56:54Z",
"published": "2022-05-17T03:29:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0975"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1034970"
},
{
"type": "WEB",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-160"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4XRV-58CF-XVP6
Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11Adobe Illustrator version 25.2.3 (and earlier) is affected by a Use After Free vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose potential sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2021-28593"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-20T19:15:00Z",
"severity": "LOW"
},
"details": "Adobe Illustrator version 25.2.3 (and earlier) is affected by a Use After Free vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose potential sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-4xrv-58cf-xvp6",
"modified": "2022-05-24T19:11:47Z",
"published": "2022-05-24T19:11:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28593"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb21-42.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-4XWG-FXHM-6R9C
Vulnerability from github – Published: 2025-11-04 09:31 – Updated: 2025-11-05 00:31In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651.
{
"affected": [],
"aliases": [
"CVE-2025-20743"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-04T07:15:46Z",
"severity": "MODERATE"
},
"details": "In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651.",
"id": "GHSA-4xwg-fxhm-6r9c",
"modified": "2025-11-05T00:31:32Z",
"published": "2025-11-04T09:31:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20743"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2025"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-4XX4-XQW7-4F8R
Vulnerability from github – Published: 2022-05-24 17:29 – Updated: 2022-05-24 17:29Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2020-6545"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-09-21T20:15:00Z",
"severity": "HIGH"
},
"details": "Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"id": "GHSA-4xx4-xqw7-4f8r",
"modified": "2022-05-24T17:29:06Z",
"published": "2022-05-24T17:29:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6545"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1095584"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EE7XWIZBME7JAY7N6CGPET4CLNHHEIVT"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202101-30"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4824"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-4XXV-XHHW-92FW
Vulnerability from github – Published: 2025-06-10 18:32 – Updated: 2025-06-10 18:32Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
{
"affected": [],
"aliases": [
"CVE-2025-47164"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-10T17:23:31Z",
"severity": "HIGH"
},
"details": "Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.",
"id": "GHSA-4xxv-xhhw-92fw",
"modified": "2025-06-10T18:32:30Z",
"published": "2025-06-10T18:32:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47164"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47164"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5223-3442-QP3J
Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2022-05-13 01:23Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2012-4183"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-10-10T17:55:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"id": "GHSA-5223-3442-qp3j",
"modified": "2022-05-13T01:23:59Z",
"published": "2022-05-13T01:23:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4183"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=786895"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79161"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16850"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/86095"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1351.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/50856"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/50892"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/50904"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/50935"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/50936"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/50984"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/55318"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:163"
},
{
"type": "WEB",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-85.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/56140"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1611-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-5265-H4F9-W9CF
Vulnerability from github – Published: 2022-04-15 00:00 – Updated: 2022-04-22 00:01MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c.
{
"affected": [],
"aliases": [
"CVE-2022-27455"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-14T13:15:00Z",
"severity": "HIGH"
},
"details": "MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c.",
"id": "GHSA-5265-h4f9-w9cf",
"modified": "2022-04-22T00:01:00Z",
"published": "2022-04-15T00:00:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27455"
},
{
"type": "WEB",
"url": "https://jira.mariadb.org/browse/MDEV-28097"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220526-0007"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5289-2Q6R-6Q3G
Vulnerability from github – Published: 2025-03-04 15:31 – Updated: 2025-03-05 18:32On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, and Firefox ESR < 128.8.
{
"affected": [],
"aliases": [
"CVE-2025-1930"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-04T14:15:37Z",
"severity": "HIGH"
},
"details": "On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability affects Firefox \u003c 136, Firefox ESR \u003c 115.21, and Firefox ESR \u003c 128.8.",
"id": "GHSA-5289-2q6r-6q3g",
"modified": "2025-03-05T18:32:04Z",
"published": "2025-03-04T15:31:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1930"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1902309"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-14"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-15"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-16"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-17"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-18"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-529R-6CWW-Q8VR
Vulnerability from github – Published: 2026-05-28 12:30 – Updated: 2026-06-10 21:31In the Linux kernel, the following vulnerability has been resolved:
spi: mpc52xx: fix use-after-free on registration failure
Make sure to disable and free the interrupts in case controller registration fails to avoid a potential use-after-free and resource leak.
This issue was flagged by Sashiko when reviewing a controller deregistration fix.
{
"affected": [],
"aliases": [
"CVE-2026-46241"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-28T10:16:39Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: mpc52xx: fix use-after-free on registration failure\n\nMake sure to disable and free the interrupts in case controller\nregistration fails to avoid a potential use-after-free and resource\nleak.\n\nThis issue was flagged by Sashiko when reviewing a controller\nderegistration fix.",
"id": "GHSA-529r-6cww-q8vr",
"modified": "2026-06-10T21:31:26Z",
"published": "2026-05-28T12:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46241"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/336d9ad7560b3baba17af06727a888040ee93390"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5c77f11b9b5f1ad5a704dad875260c44016ede10"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8b49b6aadd0c622ca7d68b4a53ae10362e221cf3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f62c060272b9d7423b1650b844e8e4e7b8f9f925"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-52MH-J549-66JF
Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13420)
{
"affected": [],
"aliases": [
"CVE-2021-34324"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-13T11:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in JT2Go (All versions \u003c V13.2), Teamcenter Visualization (All versions \u003c V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13420)",
"id": "GHSA-52mh-j549-66jf",
"modified": "2022-05-24T19:07:38Z",
"published": "2022-05-24T19:07:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34324"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-862"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.