CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-J7V8-GG92-F664
Vulnerability from github – Published: 2022-01-28 00:01 – Updated: 2022-02-03 00:00Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_DecrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).
{
"affected": [],
"aliases": [
"CVE-2021-46489"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-27T21:15:00Z",
"severity": "MODERATE"
},
"details": "Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_DecrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).",
"id": "GHSA-j7v8-gg92-f664",
"modified": "2022-02-03T00:00:35Z",
"published": "2022-01-28T00:01:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46489"
},
{
"type": "WEB",
"url": "https://github.com/pcmacdon/jsish/issues/74"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-J7WF-QMPF-6V3C
Vulnerability from github – Published: 2023-10-27 21:30 – Updated: 2024-04-04 08:57In GpuService of GpuService.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2023-40131"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-27T21:15:09Z",
"severity": "HIGH"
},
"details": "In GpuService of GpuService.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-j7wf-qmpf-6v3c",
"modified": "2024-04-04T08:57:44Z",
"published": "2023-10-27T21:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40131"
},
{
"type": "WEB",
"url": "https://android.googlesource.com/platform/frameworks/native/+/0cda11569dd256ff3220b4fe44f861f8081d7116"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2023-10-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J7WH-6HCG-WW2C
Vulnerability from github – Published: 2022-04-03 00:00 – Updated: 2022-04-09 00:00Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code.
{
"affected": [],
"aliases": [
"CVE-2022-26417"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-01T23:15:00Z",
"severity": "HIGH"
},
"details": "Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code.",
"id": "GHSA-j7wh-6hcg-ww2c",
"modified": "2022-04-09T00:00:36Z",
"published": "2022-04-03T00:00:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26417"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-02"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-578"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J7WW-G7M2-FPCG
Vulnerability from github – Published: 2022-05-24 19:21 – Updated: 2022-05-24 19:21A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2021-21900"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-19T19:15:00Z",
"severity": "HIGH"
},
"details": "A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability.",
"id": "GHSA-j7ww-g7m2-fpcg",
"modified": "2022-05-24T19:21:06Z",
"published": "2022-05-24T19:21:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21900"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00002.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDI3HCTCACMIC7I4ILB3NRU6DCMADI5H"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTIAMP7QJDKV4ADDLR4GVVX2TXYLHVOZ"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202305-26"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1351"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5077"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J7XW-9X43-VXFH
Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2020-6492"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-02T23:15:00Z",
"severity": "CRITICAL"
},
"details": "Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.",
"id": "GHSA-j7xw-9x43-vxfh",
"modified": "2022-05-24T19:19:39Z",
"published": "2022-05-24T19:19:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6492"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1078375"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-J83W-4J6Q-7RXP
Vulnerability from github – Published: 2022-05-14 01:57 – Updated: 2022-05-14 01:57Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.
{
"affected": [],
"aliases": [
"CVE-2018-6054"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-09-25T14:29:00Z",
"severity": "HIGH"
},
"details": "Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.",
"id": "GHSA-j83w-4j6q-7rxp",
"modified": "2022-05-14T01:57:53Z",
"published": "2022-05-14T01:57:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6054"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0265"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html"
},
{
"type": "WEB",
"url": "https://crbug.com/797511"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4103"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102797"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040282"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J84J-RVVF-PMCM
Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-10-14 18:30Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
{
"affected": [],
"aliases": [
"CVE-2025-59221"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T17:16:02Z",
"severity": "HIGH"
},
"details": "Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.",
"id": "GHSA-j84j-rvvf-pmcm",
"modified": "2025-10-14T18:30:34Z",
"published": "2025-10-14T18:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59221"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59221"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J84V-78J2-55GH
Vulnerability from github – Published: 2025-05-27 21:32 – Updated: 2025-11-03 21:33Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
{
"affected": [],
"aliases": [
"CVE-2025-5283"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-27T21:15:23Z",
"severity": "MODERATE"
},
"details": "Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"id": "GHSA-j84v-78j2-55gh",
"modified": "2025-11-03T21:33:58Z",
"published": "2025-05-27T21:32:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5283"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/419467315"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00043.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00046.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00052.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-J85C-4FRX-F93R
Vulnerability from github – Published: 2024-11-12 18:30 – Updated: 2024-11-12 18:30Microsoft SQL Server Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-49021"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-12T18:15:42Z",
"severity": "HIGH"
},
"details": "Microsoft SQL Server Remote Code Execution Vulnerability",
"id": "GHSA-j85c-4frx-f93r",
"modified": "2024-11-12T18:30:59Z",
"published": "2024-11-12T18:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49021"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49021"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J864-W7VW-6XG3
Vulnerability from github – Published: 2026-07-01 00:34 – Updated: 2026-07-01 18:31Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
{
"affected": [],
"aliases": [
"CVE-2026-13878"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-30T23:17:02Z",
"severity": "CRITICAL"
},
"details": "Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)",
"id": "GHSA-j864-w7vw-6xg3",
"modified": "2026-07-01T18:31:31Z",
"published": "2026-07-01T00:34:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13878"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/499007266"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.