Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

CVEs (781)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-25907 1Containers Project 1Containers Nov 21, 2024 Jan 26, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed.
CVE-2020-36225 3Apple DebianOpenldap 3Debian Linux MacosOpenldap Nov 21, 2024 Jan 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
CVE-2020-36223 3Apple DebianOpenldap 4Debian Linux Mac Os XMacos+1 more Nov 21, 2024 Jan 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).
CVE-2020-36205 1Xcb Project 1Xcb Nov 21, 2024 Jan 26, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur.
CVE-2020-3685 1Qualcomm 506Apq8009 Apq8009wApq8017+503 more Nov 21, 2024 Jan 21, 2021 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industria...Show more Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and NetworkingShow less
CVE-2020-11217 1Qualcomm 193Pm3003a Pm4125Pm6125+190 more Nov 21, 2024 Jan 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-35891 1Ordnung Project 1Ordnung Nov 21, 2024 Dec 31, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via a remove() double free.
CVE-2020-35885 1Alpm Rs Project 1Alpm Rs Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation.
CVE-2020-35862 1Bitvec Project 1Bitvec Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free.
CVE-2019-25009 1Hyper 1Http Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness.
CVE-2020-16590 2Gnu Netapp 2Binutils Ontap Select Deploy Administration Utility Nov 21, 2024 Dec 9, 2020 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.
CVE-2020-15710 1Pulseaudio Project 1Pulseaudio Nov 21, 2024 Nov 19, 2020 N/A· v4 6.1 MEDIUM· v3 3.6 LOW· v2 Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5...Show more Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c. Fixed in 1:8.0-0ubuntu3.14.Show less
CVE-2020-17019 1Microsoft 1Office Nov 21, 2024 Nov 11, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-16970 1Microsoft 1Azure Sphere Nov 21, 2024 Nov 11, 2020 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 Azure Sphere Unsigned Code Execution Vulnerability
CVE-2020-9747 1Adobe 1Animate Nov 21, 2024 Oct 21, 2020 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Animate version 20.5 (and earlier) is affected by a double free vulnerability when parsing a crafted .fla file, which could result in arbitrary code execution in the context of the current user. This vulnerability...Show more Adobe Animate version 20.5 (and earlier) is affected by a double free vulnerability when parsing a crafted .fla file, which could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.Show less
CVE-2020-1686 1Juniper 1Junos Nov 21, 2024 Oct 16, 2020 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore). This issue can be trigged by a malformed IPv6 packet destined to the Routing Engine. An attacke...Show more On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore). This issue can be trigged by a malformed IPv6 packet destined to the Routing Engine. An attacker can repeatedly send the offending packet resulting in an extended Denial of Service condition. Only IPv6 packets can trigger this issue. IPv4 packets cannot trigger this issue. This issue affects Juniper Networks Junos OS 18.4 versions prior to 18.4R2-S4, 18.4R3-S1; 19.1 versions prior to 19.1R2-S1, 19.1R3; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2. This issue does not affect Juniper Networks Junos OS prior to 18.4R1.Show less
CVE-2020-27153 3Bluez DebianOpensuse 3Bluez Debian LinuxLeap Apr 15, 2026 Oct 15, 2020 N/A· v4 8.6 HIGH· v3 7.5 HIGH· v2 In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a...Show more In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.Show less
CVE-2020-25637 2Opensuse Redhat 2Leap Libvirt Nov 21, 2024 Oct 6, 2020 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access co...Show more A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.Show less
CVE-2020-5988 1Nvidia 1Virtual Gpu Manager Nov 21, 2024 Oct 2, 2020 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to...Show more NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.Show less
CVE-2020-24698 1Powerdns 1Authoritative Nov 21, 2024 Oct 2, 2020 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitra...Show more An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature.Show less

Previous 1...262728...40 Next