CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-3HC5-9533-FP2F
Vulnerability from github – Published: 2026-07-01 00:34 – Updated: 2026-07-01 18:31Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
{
"affected": [],
"aliases": [
"CVE-2026-13775"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-30T23:16:52Z",
"severity": "CRITICAL"
},
"details": "Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)",
"id": "GHSA-3hc5-9533-fp2f",
"modified": "2026-07-01T18:31:26Z",
"published": "2026-07-01T00:34:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13775"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/511766407"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3HCQ-FQCW-CVGF
Vulnerability from github – Published: 2025-01-14 18:32 – Updated: 2025-10-22 00:33Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2025-21334"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T18:15:58Z",
"severity": "HIGH"
},
"details": "Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability",
"id": "GHSA-3hcq-fqcw-cvgf",
"modified": "2025-10-22T00:33:12Z",
"published": "2025-01-14T18:32:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21334"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21334"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-21334"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3HF8-M65W-793G
Vulnerability from github – Published: 2022-05-14 03:54 – Updated: 2023-01-24 15:30Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2017-3003"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-14T16:59:00Z",
"severity": "CRITICAL"
},
"details": "Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.",
"id": "GHSA-3hf8-m65w-793g",
"modified": "2023-01-24T15:30:22Z",
"published": "2022-05-14T03:54:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3003"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb17-07.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201703-02"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0526.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/96861"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037994"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3HFV-3383-4HVP
Vulnerability from github – Published: 2022-10-14 12:00 – Updated: 2025-05-15 21:31A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
{
"affected": [],
"aliases": [
"CVE-2022-42719"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-13T23:15:00Z",
"severity": "HIGH"
},
"details": "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.",
"id": "GHSA-3hfv-3383-4hvp",
"modified": "2025-05-15T21:31:14Z",
"published": "2022-10-14T12:00:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42719"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1204051"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230203-0008"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5257"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/10/13/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/10/13/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3HH3-M5G3-6J82
Vulnerability from github – Published: 2021-12-24 00:01 – Updated: 2021-12-29 00:01Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2021-38005"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-23T01:15:00Z",
"severity": "HIGH"
},
"details": "Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"id": "GHSA-3hh3-m5g3-6j82",
"modified": "2021-12-29T00:01:14Z",
"published": "2021-12-24T00:01:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38005"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1241091"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5046"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-3HJW-3FCJ-GCQJ
Vulnerability from github – Published: 2022-05-17 03:32 – Updated: 2022-05-17 03:32Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
{
"affected": [],
"aliases": [
"CVE-2016-0995"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-03-12T15:59:00Z",
"severity": "CRITICAL"
},
"details": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.",
"id": "GHSA-3hjw-3fcj-gcqj",
"modified": "2022-05-17T03:32:14Z",
"published": "2022-05-17T03:32:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0995"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/84312"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1035251"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3HM8-6X9W-R3FC
Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11Adobe Illustrator version 25.2.3 (and earlier) is affected by an Use-after-free vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2021-36008"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-20T19:15:00Z",
"severity": "LOW"
},
"details": "Adobe Illustrator version 25.2.3 (and earlier) is affected by an Use-after-free vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-3hm8-6x9w-r3fc",
"modified": "2022-05-24T19:11:43Z",
"published": "2022-05-24T19:11:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36008"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/illustrator/apsb21-42.html"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1146"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-3HMC-JXR7-RW7J
Vulnerability from github – Published: 2023-10-24 00:31 – Updated: 2024-07-24 18:31The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
{
"affected": [],
"aliases": [
"CVE-2023-5633"
],
"database_specific": {
"cwe_ids": [
"CWE-416",
"CWE-911"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-23T22:15:09Z",
"severity": "HIGH"
},
"details": "The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.",
"id": "GHSA-3hmc-jxr7-rw7j",
"modified": "2024-07-24T18:31:15Z",
"published": "2023-10-24T00:31:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5633"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:0113"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:0134"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:0461"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:1404"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:4823"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:4831"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2023-5633"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245663"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3HP2-FJXJ-6WJ4
Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2026-32224"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-14T18:17:30Z",
"severity": "HIGH"
},
"details": "Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-3hp2-fjxj-6wj4",
"modified": "2026-04-14T18:30:42Z",
"published": "2026-04-14T18:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32224"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32224"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3HP2-JG96-579W
Vulnerability from github – Published: 2024-11-22 21:32 – Updated: 2024-11-22 21:32Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23530.
{
"affected": [],
"aliases": [
"CVE-2024-9712"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-22T21:15:24Z",
"severity": "HIGH"
},
"details": "Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23530.",
"id": "GHSA-3hp2-jg96-579w",
"modified": "2024-11-22T21:32:19Z",
"published": "2024-11-22T21:32:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9712"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1473"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.