CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-HPGJ-JH3H-GJMR
Vulnerability from github – Published: 2026-05-14 21:30 – Updated: 2026-05-15 00:30Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
{
"affected": [],
"aliases": [
"CVE-2026-8542"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-14T20:17:15Z",
"severity": "HIGH"
},
"details": "Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)",
"id": "GHSA-hpgj-jh3h-gjmr",
"modified": "2026-05-15T00:30:29Z",
"published": "2026-05-14T21:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8542"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/497066659"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HPH3-9Q45-4PF2
Vulnerability from github – Published: 2025-09-16 18:31 – Updated: 2025-12-01 21:30In the Linux kernel, the following vulnerability has been resolved:
drm/msm/dp: Free resources after unregistering them
The DP component's unbind operation walks through the submodules to unregister and clean things up. But if the unbind happens because the DP controller itself is being removed, all the memory for those submodules has just been freed.
Change the order of these operations to avoid the many use-after-free that otherwise happens in this code path.
Patchwork: https://patchwork.freedesktop.org/patch/542166/
{
"affected": [],
"aliases": [
"CVE-2023-53316"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-16T17:15:37Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dp: Free resources after unregistering them\n\nThe DP component\u0027s unbind operation walks through the submodules to\nunregister and clean things up. But if the unbind happens because the DP\ncontroller itself is being removed, all the memory for those submodules\nhas just been freed.\n\nChange the order of these operations to avoid the many use-after-free\nthat otherwise happens in this code path.\n\nPatchwork: https://patchwork.freedesktop.org/patch/542166/",
"id": "GHSA-hph3-9q45-4pf2",
"modified": "2025-12-01T21:30:22Z",
"published": "2025-09-16T18:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53316"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3c3f3d35f5e05c468b048eb42a4f8c62c6655692"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4e9f1a2367aea7d61f6781213e25313cd983b0d7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5c3278db06e332fdc14f3f297499fb88ded264d2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c67a55f7cc8d767d624235bf1bcd0947e56abe0f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ca47d0dc00968358c136a1847cfed550cedfd1b5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fa0048a4b1fa7a50c8b0e514f5b428abdf69a6f8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HPHX-5Q42-588C
Vulnerability from github – Published: 2024-05-03 03:31 – Updated: 2024-05-03 03:31Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Signature objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22007.
{
"affected": [],
"aliases": [
"CVE-2023-51552"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T03:16:13Z",
"severity": "HIGH"
},
"details": "Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Signature objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22007.",
"id": "GHSA-hphx-5q42-588c",
"modified": "2024-05-03T03:31:07Z",
"published": "2024-05-03T03:31:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51552"
},
{
"type": "WEB",
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1865"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HPJ8-5PV7-F58M
Vulnerability from github – Published: 2026-02-11 21:30 – Updated: 2026-02-13 15:30Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
{
"affected": [],
"aliases": [
"CVE-2026-2321"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-11T19:15:52Z",
"severity": "HIGH"
},
"details": "Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"id": "GHSA-hpj8-5pv7-f58m",
"modified": "2026-02-13T15:30:23Z",
"published": "2026-02-11T21:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2321"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/461877477"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HPJJ-93MM-G6F7
Vulnerability from github – Published: 2022-05-19 00:00 – Updated: 2022-06-02 00:00A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
{
"affected": [],
"aliases": [
"CVE-2022-1734"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-18T17:15:00Z",
"severity": "HIGH"
},
"details": "A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.",
"id": "GHSA-hpjj-93mm-g6f7",
"modified": "2022-06-02T00:00:26Z",
"published": "2022-05-19T00:00:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1734"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/d270453a0d9ec10bb8a802a142fb1b3601a83098"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220707-0007"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/06/05/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/06/09/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HPMG-94XV-R9M5
Vulnerability from github – Published: 2022-08-29 20:06 – Updated: 2022-09-03 00:00Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
{
"affected": [],
"aliases": [
"CVE-2021-41782"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-29T05:15:00Z",
"severity": "HIGH"
},
"details": "Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.",
"id": "GHSA-hpmg-94xv-r9m5",
"modified": "2022-09-03T00:00:24Z",
"published": "2022-08-29T20:06:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41782"
},
{
"type": "WEB",
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HPR8-XM43-7Q66
Vulnerability from github – Published: 2026-06-05 00:31 – Updated: 2026-06-05 03:31Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
{
"affected": [],
"aliases": [
"CVE-2026-10919"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-04T23:16:54Z",
"severity": "HIGH"
},
"details": "Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)",
"id": "GHSA-hpr8-xm43-7q66",
"modified": "2026-06-05T03:31:31Z",
"published": "2026-06-05T00:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10919"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/498872764"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HPRC-66GH-5Q8W
Vulnerability from github – Published: 2024-11-12 18:30 – Updated: 2024-11-12 18:30Microsoft Office Graphics Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-49032"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-12T18:15:43Z",
"severity": "HIGH"
},
"details": "Microsoft Office Graphics Remote Code Execution Vulnerability",
"id": "GHSA-hprc-66gh-5q8w",
"modified": "2024-11-12T18:30:59Z",
"published": "2024-11-12T18:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49032"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49032"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HPV6-625J-5G5J
Vulnerability from github – Published: 2024-11-20 18:32 – Updated: 2024-11-20 21:30In bta_dm_remove_sec_dev_entry of bta_dm_act.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2018-9483"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-20T18:15:20Z",
"severity": "MODERATE"
},
"details": "In bta_dm_remove_sec_dev_entry of bta_dm_act.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-hpv6-625j-5g5j",
"modified": "2024-11-20T21:30:49Z",
"published": "2024-11-20T18:32:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9483"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2018-09-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HPVF-P22M-VXMH
Vulnerability from github – Published: 2022-07-16 00:00 – Updated: 2022-07-16 00:00Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2022-34234"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-15T16:15:00Z",
"severity": "MODERATE"
},
"details": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-hpvf-p22m-vxmh",
"modified": "2022-07-16T00:00:29Z",
"published": "2022-07-16T00:00:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34234"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.