Cwe 416

🧬 CWE Related 99
slug: cwe-416

Explanation

CWE-416は「メモリを解放した後にそのメモリを使ってしまう」欠陥です。 C/C++のような手動メモリ管理言語で頻発し、攻撃者はこれを利用して任意のコードを実行できることが多いです。 ブラウザのJavaScriptエンジン (V8, JavaScriptCore) でよく見つかり、ブラウザ経由のゼロデイ攻撃の典型的な原因となります。
📌 Example
Pwn2Own (年次ハッキングコンテスト) で、毎年ブラウザに対するUse-After-Free 攻撃が成功し、賞金10万ドル超を獲得する事例が続いています。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,410

ID Title
CVE-2024-57979 Use-After-Free in c (CVE-2024-57979)
CVE-2025-26600 Use-After-Free in tigervnc (CVE-2025-26600)
CVE-2025-26601 Use-After-Free in tigervnc (CVE-2025-26601)
CVE-2025-26594 Use-After-Free in tigervnc (CVE-2025-26594)
CVE-2025-0622 Use-After-Free in CVE-2025-0622 (CVE-2025-0622)
CVE-2024-57951 Use-After-Free in linux (CVE-2024-57951)
CVE-2025-24085 KEV [KEV] Use-After-Free in Apple multiple-products (CVE-2025-24085)
CVE-2025-21335 KEV [KEV] Use-After-Free in Microsoft windows (CVE-2025-21335)
CVE-2025-21334 KEV [KEV] Use-After-Free in Microsoft windows (CVE-2025-21334)
CVE-2024-56672 Use-After-Free in linux (CVE-2024-56672)
CVE-2024-56631 Use-After-Free in c (CVE-2024-56631)
CVE-2024-53166 Use-After-Free in linux (CVE-2024-53166)
CVE-2024-53057 Use-After-Free in c (CVE-2024-53057)
CVE-2024-50150 Use-After-Free in linux (CVE-2024-50150)
CVE-2024-50121 Use-After-Free in linux (CVE-2024-50121)
CVE-2024-50127 Use-After-Free in linux (CVE-2024-50127)
CVE-2024-50067 Out-of-Bounds Write in c (CVE-2024-50067)
CVE-2024-49889 Use-After-Free in linux (CVE-2024-49889)
CVE-2024-49903 Use-After-Free in c (CVE-2024-49903)
CVE-2024-49986 Use-After-Free in debian (CVE-2024-49986)
CVE-2024-49991 Use-After-Free in debian (CVE-2024-49991)
CVE-2024-49960 Use-After-Free in debian (CVE-2024-49960)
CVE-2024-49966 Use-After-Free in debian (CVE-2024-49966)
CVE-2024-49950 Use-After-Free in c (CVE-2024-49950)
CVE-2024-49924 Use-After-Free in debian (CVE-2024-49924)
CVE-2024-49925 Use-After-Free in linux (CVE-2024-49925)
CVE-2024-49883 Use-After-Free in debian (CVE-2024-49883)
CVE-2024-49884 Use-After-Free in debian (CVE-2024-49884)
CVE-2024-47747 Use-After-Free in linux (CVE-2024-47747)
CVE-2024-47730 Use-After-Free in debian (CVE-2024-47730)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →