Weaknesses of type CWE-416
4,138 resultsCVE-2024-34362MEDIUMEnvoy affected by a crash (use-after-free) in EnvoyQuicServerStreamEPSS 0.6%CVE-2022-38983CRITICALThe BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary codeEPSS 0.6%CVE-2026-25953MEDIUMFreeRDP has heap-use-after-free in xf_AppUpdateWindowFromSurface (freed appWindow)EPSS 0.6%CVE-2026-6746HIGHUse-after-free in the DOM: Core & HTML componentEPSS 0.6%CVE-2023-35943MEDIUMEnvoy vulnerable to CORS filter segfault when origin header is removed EPSS 0.6%CVE-2024-38921CRITICALOpen Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl proceEPSS 0.6%CVE-2026-48090MEDIUMEnvoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash risk)EPSS 0.6%CVE-2022-3197HIGHUse after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafteEPSS 0.6%CVE-2026-6100CRITICALUse-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressureEPSS 0.6%CVE-2023-0927HIGHUse after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renEPSS 0.6%CVE-2022-3198HIGHUse after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafteEPSS 0.6%CVE-2023-0932HIGHUse after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in sEPSS 0.6%CVE-2025-62558HIGHMicrosoft Word Remote Code Execution VulnerabilityEPSS 0.6%CVE-2025-62559HIGHMicrosoft Word Remote Code Execution VulnerabilityEPSS 0.6%CVE-2025-21345HIGHMicrosoft Office Visio Remote Code Execution VulnerabilityEPSS 0.6%CVE-2024-25199HIGHInappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humbEPSS 0.6%CVE-2025-59282HIGHInternet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityEPSS 0.6%CVE-2020-14363HIGHAn integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an appEPSS 0.6%CVE-2025-29977HIGHMicrosoft Excel Remote Code Execution VulnerabilityEPSS 0.6%CVE-2026-28857MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visioEPSS 0.6%