Weaknesses of type CWE-416

4,137 results
CVE-2023-34366HIGHA use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially crafted document EPSS 0.6%CVE-2021-3929A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just likeEPSS 0.6%CVE-2025-62553HIGHMicrosoft Excel Remote Code Execution VulnerabilityEPSS 0.6%CVE-2023-0931HIGHUse after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafEPSS 0.6%CVE-2022-45405MEDIUMFreeing arbitrary <code>nsIInputStream</code>'s on a different thread than creation could have led to a use-after-free and potentially exploEPSS 0.6%CVE-2023-6706HIGHUse after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI intEPSS 0.6%CVE-2023-6703HIGHUse after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafEPSS 0.6%CVE-2022-3058HIGHUse after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific EPSS 0.6%CVE-2024-5498MEDIUMUse after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruptionEPSS 0.6%CVE-2021-32495CRITICALRadare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will alEPSS 0.6%CVE-2024-10827HIGHUse after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a craEPSS 0.6%CVE-2022-3450HIGHUse after free in Peer Connection in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption EPSS 0.6%CVE-2026-28859MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS EPSS 0.6%CVE-2024-6103HIGHUse after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a craftEPSS 0.6%CVE-2022-3887HIGHUse after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via EPSS 0.6%CVE-2022-39823HIGHAn issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on contiEPSS 0.6%CVE-2024-49074HIGHWindows Kernel-Mode Driver Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2024-43509HIGHWindows Graphics Component Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2026-0794HIGHALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution VulnerabilityEPSS 0.6%CVE-2026-28387HIGHPotential Use-after-free in DANE Client CodeEPSS 0.6%