Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

CVEs (781)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-25773 1Trendmicro 1Apex One Nov 21, 2024 Sep 29, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the tar...Show more A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import a corrupted configuration file.Show less
CVE-2020-0392 1Google 1Android Nov 21, 2024 Sep 17, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...Show more In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-150226608Show less
CVE-2020-25559 1Gnuplot 1Gnuplot Aug 14, 2025 Sep 16, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution.
CVE-2019-14065 1Qualcomm 37Apq8009 Firmware Apq8098 FirmwareKamorta Firmware+34 more Nov 21, 2024 Sep 8, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...Show more u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130Show less
CVE-2020-24978 1Nasm 1Netwide Assembler Nov 21, 2024 Sep 4, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7.
CVE-2020-17498 4Fedoraproject OpensuseOracle+1 more 4Fedora LeapWireshark+1 more Nov 21, 2024 Aug 13, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.
CVE-2020-0241 1Google 1Android Nov 21, 2024 Aug 11, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User int...Show more In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-151456667Show less
CVE-2020-16217 1Advantech 1Webaccess/hmi Designer Nov 21, 2024 Aug 6, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or...Show more Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash.Show less
CVE-2020-1647 1Juniper 1Junos Nov 21, 2024 Jul 17, 2020 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing...Show more On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this specific HTTP message may result in an extended Denial of Service (DoS). The offending HTTP message that causes this issue may originate both from the HTTP server or the client. This issue affects Juniper Networks Junos OS on SRX Series: 18.1 versions prior to 18.1R3-S9; 18.2 versions prior to 18.2R3-S3; 18.3 versions prior to 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R2-S5, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1.Show less
CVE-2019-20892 2Net Snmp Oracle 2Net Snmp Zfs Storage Appliance Kit Nov 21, 2024 Jun 25, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, bu...Show more net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.Show less
CVE-2020-3613 1Qualcomm 1Sm8150 Firmware Nov 21, 2024 Jun 22, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150
CVE-2019-14091 1Qualcomm 9Mdm9607 Firmware Qcs405 FirmwareRennell Firmware+6 more Nov 21, 2024 Jun 22, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...Show more Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130Show less
CVE-2020-11900 1Treck 1Tcp/ip Nov 21, 2024 Jun 17, 2020 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.
CVE-2020-9844 1Apple 3Ipados Iphone OsMac Os X Nov 21, 2024 Jun 9, 2020 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt...Show more A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.Show less
CVE-2020-9859 1Apple 5Ipados Iphone OsMac Os X+2 more Oct 23, 2025 Jun 5, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be a...Show more A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.Show less
CVE-2020-3610 1Qualcomm 37Apq8009 Firmware Apq8053 FirmwareApq8096au Firmware+34 more Nov 21, 2024 Jun 2, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no refcount taken for this object in Snapdragon Auto, Snapdragon Compute, Snapdragon Consume...Show more Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no refcount taken for this object in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130Show less
CVE-2020-11017 3Debian FreerdpOpensuse 3Debian Linux FreerdpLeap Nov 21, 2024 May 29, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
CVE-2020-11044 3Canonical DebianFreerdp 3Debian Linux FreerdpUbuntu Linux Nov 21, 2024 May 7, 2020 N/A· v4 2.2 LOW· v3 3.5 LOW· v2 In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0.
CVE-2020-3179 1Cisco 13Asa 5505 Firmware Asa 5510 FirmwareAsa 5512 X Firmware+10 more Nov 21, 2024 May 6, 2020 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS)...Show more A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.Show less
CVE-2019-20792 1Opensc Project 1Opensc Nov 21, 2024 Apr 29, 2020 N/A· v4 6.8 MEDIUM· v3 4.6 MEDIUM· v2 OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.

Previous 1...272829...40 Next