Weaknesses of type CWE-416
4,154 resultsCVE-2025-31197MEDIUMThe issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS SonoEPSS 0.3%CVE-2026-4449HIGHUse after free in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafEPSS 0.3%CVE-2026-54902MEDIUMOj: Use-After-Free in Oj::Parser SAJ Long Key CallbackEPSS 0.3%CVE-2022-49524HIGHmedia: pci: cx23885: Fix the error handling in cx23885_initdev()EPSS 0.3%CVE-2024-39463HIGH9p: add missing locking around taking dentry fid listEPSS 0.3%CVE-2026-14043CRITICALUse after free in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process toEPSS 0.3%CVE-2026-14005HIGHUse after free in Omnibox in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in speEPSS 0.3%CVE-2026-14044CRITICALUse after free in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentEPSS 0.3%CVE-2026-54901MEDIUMOj: Use-After-Free in Oj::Parser array_class/hash_class GC MarkingEPSS 0.3%CVE-2026-11061CRITICALType Confusion in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafEPSS 0.3%CVE-2026-9923HIGHUse after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a craftEPSS 0.3%CVE-2024-35869HIGHsmb: client: guarantee refcounted children from parent sessionEPSS 0.3%CVE-2026-14102HIGHUse after free in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a cEPSS 0.3%CVE-2026-4454HIGHUse after free in Network in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crEPSS 0.3%CVE-2026-5874CRITICALUse after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI EPSS 0.3%CVE-2026-6360HIGHUse after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption viaEPSS 0.3%CVE-2025-1290HIGHA race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function within the Kernel 5.4 on ChromeOS. ConcurEPSS 0.3%CVE-2026-4445HIGHUse after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a craEPSS 0.3%CVE-2026-4456HIGHUse after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the rendereEPSS 0.3%CVE-2026-11657HIGHUse after free in Payments in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a craftedEPSS 0.3%