CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-78QJ-JHVR-9X39
Vulnerability from github – Published: 2022-05-14 01:12 – Updated: 2022-05-14 01:12A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
{
"affected": [],
"aliases": [
"CVE-2018-4315"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-03T18:29:00Z",
"severity": "HIGH"
},
"details": "A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.",
"id": "GHSA-78qj-jhvr-9x39",
"modified": "2022-05-14T01:12:46Z",
"published": "2022-05-14T01:12:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4315"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT209106"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT209107"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT209109"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT209140"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT209141"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-78V4-X94J-XVQ4
Vulnerability from github – Published: 2024-04-09 18:30 – Updated: 2024-04-09 18:30Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-29043"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-09T17:15:57Z",
"severity": "HIGH"
},
"details": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability",
"id": "GHSA-78v4-x94j-xvq4",
"modified": "2024-04-09T18:30:27Z",
"published": "2024-04-09T18:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29043"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29043"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-78VQ-JGWV-CVC9
Vulnerability from github – Published: 2022-05-14 03:55 – Updated: 2022-05-14 03:55Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932.
{
"affected": [],
"aliases": [
"CVE-2016-6930"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-09-14T18:59:00Z",
"severity": "CRITICAL"
},
"details": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932.",
"id": "GHSA-78vq-jgwv-cvc9",
"modified": "2022-05-14T03:55:56Z",
"published": "2022-05-14T03:55:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6930"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201610-10"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/92927"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1036791"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-78XM-G4FW-G356
Vulnerability from github – Published: 2022-05-14 02:21 – Updated: 2022-05-14 02:21Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2016-7881"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-12-15T06:59:00Z",
"severity": "CRITICAL"
},
"details": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.",
"id": "GHSA-78xm-g4fw-g356",
"modified": "2022-05-14T02:21:35Z",
"published": "2022-05-14T02:21:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7881"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94873"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037442"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-78XP-XVW2-6RW6
Vulnerability from github – Published: 2025-04-17 18:31 – Updated: 2025-04-17 21:31In the Linux kernel, the following vulnerability has been resolved:
can: dev: can_restart: fix use after free bug
After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the netif_rx_ni() in: stats->rx_bytes += cf->len;
Reordering the lines solves the issue.
{
"affected": [],
"aliases": [
"CVE-2021-47668"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-17T18:15:43Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_restart: fix use after free bug\n\nAfter calling netif_rx_ni(skb), dereferencing skb is unsafe.\nEspecially, the can_frame cf which aliases skb memory is accessed\nafter the netif_rx_ni() in:\n stats-\u003erx_bytes += cf-\u003elen;\n\nReordering the lines solves the issue.",
"id": "GHSA-78xp-xvw2-6rw6",
"modified": "2025-04-17T21:31:03Z",
"published": "2025-04-17T18:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47668"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/03f16c5075b22c8902d2af739969e878b0879c94"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/08ab951787098ae0b6c0364aeea7a8138226f234"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/260925a0b7d2da5449f8ecfd02c1405e0c8a45b8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/593c072b7b3c4d7044416eb039d9ad706bedd67a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/92668d28c7e6a7a2ba07df287669ffcdf650c421"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ac48ef15826e83f4206c47add61072e8fc76d328"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bbc6847b9b8978b520f62fbc7c68c54ef0f8d282"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-792H-432F-5Q3W
Vulnerability from github – Published: 2022-05-13 01:30 – Updated: 2022-05-13 01:30LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution
{
"affected": [],
"aliases": [
"CVE-2018-15126"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-19T16:29:00Z",
"severity": "CRITICAL"
},
"details": "LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution",
"id": "GHSA-792h-432f-5q3w",
"modified": "2022-05-13T01:30:47Z",
"published": "2022-05-13T01:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15126"
},
{
"type": "WEB",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-027-libvnc-heap-use-after-free"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00029.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3877-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4383"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-792Q-V8QG-WXVV
Vulnerability from github – Published: 2025-03-11 18:32 – Updated: 2025-03-11 18:32Use after free in DNS Server allows an unauthorized attacker to execute code over a network.
{
"affected": [],
"aliases": [
"CVE-2025-24064"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-11T17:16:29Z",
"severity": "HIGH"
},
"details": "Use after free in DNS Server allows an unauthorized attacker to execute code over a network.",
"id": "GHSA-792q-v8qg-wxvv",
"modified": "2025-03-11T18:32:17Z",
"published": "2025-03-11T18:32:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24064"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24064"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7938-FGC9-GW6V
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
{
"affected": [],
"aliases": [
"CVE-2026-50314"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T18:17:29Z",
"severity": "HIGH"
},
"details": "Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.",
"id": "GHSA-7938-fgc9-gw6v",
"modified": "2026-07-14T18:32:15Z",
"published": "2026-07-14T18:32:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50314"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50314"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-793M-WQ3J-WHVR
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2025-10-22 00:32Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26425, CVE-2021-34487.
{
"affected": [],
"aliases": [
"CVE-2021-34486"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-12T18:15:00Z",
"severity": "HIGH"
},
"details": "Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26425, CVE-2021-34487.",
"id": "GHSA-793m-wq3j-whvr",
"modified": "2025-10-22T00:32:19Z",
"published": "2022-05-24T19:10:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34486"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34486"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-34486"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-793V-2P67-GW99
Vulnerability from github – Published: 2025-05-20 18:30 – Updated: 2026-02-06 18:30In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in ksmbd_session_rpc_open
A UAF issue can occur due to a race condition between ksmbd_session_rpc_open() and __session_rpc_close(). Add rpc_lock to the session to protect it.
{
"affected": [],
"aliases": [
"CVE-2025-37926"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-20T16:15:29Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix use-after-free in ksmbd_session_rpc_open\n\nA UAF issue can occur due to a race condition between\nksmbd_session_rpc_open() and __session_rpc_close().\nAdd rpc_lock to the session to protect it.",
"id": "GHSA-793v-2p67-gw99",
"modified": "2026-02-06T18:30:26Z",
"published": "2025-05-20T18:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37926"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1067361a1cc6ad9cdf7acfc47f90012b72ad1502"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6323fec65fe54b365961fed260dd579191e46121"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8fb3b6c85b7e3127161623586b62abcc366caa20"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a1f46c99d9ea411f9bf30025b912d881d36fc709"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a4348710a7267705b75692dc1a000920481d1d92"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.