Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

CVEs (781)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-7784 1Adobe 2Acrobat Dc Acrobat Reader Dc Nov 21, 2024 May 22, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a double f...Show more Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution.Show less
CVE-2019-12219 1Libsdl 2Sdl2 Image Simple Directmedia Layer Nov 21, 2024 May 20, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_...Show more An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c.Show less
CVE-2019-11490 1Nmap 1Npcap Nov 21, 2024 Apr 24, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An issue was discovered in Npcap 0.992. Sending a malformed .pcap file with the loopback adapter using either pcap_sendqueue_queue() or pcap_sendqueue_transmit() results in kernel pool corruption. This could lead to arbi...Show more An issue was discovered in Npcap 0.992. Sending a malformed .pcap file with the loopback adapter using either pcap_sendqueue_queue() or pcap_sendqueue_transmit() results in kernel pool corruption. This could lead to arbitrary code executing inside the Windows kernel and allow escalation of privileges.Show less
CVE-2019-3829 2Fedoraproject Gnu 2Fedora Gnutls Nov 21, 2024 Mar 27, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates...Show more A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.Show less
CVE-2018-3985 1Getcujo 1Smart Firewall Nov 21, 2024 Mar 21, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall. When parsing mDNS packets, a memory space is freed twice if an invalid query name is encountered, leading to arbitrary cod...Show more An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall. When parsing mDNS packets, a memory space is freed twice if an invalid query name is encountered, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability.Show less
CVE-2019-0122 1Intel 1Software Guard Extensions Sdk Nov 21, 2024 Mar 14, 2019 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local...Show more Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access.Show less
CVE-2019-1999 3Canonical DebianGoogle 3Android Debian LinuxUbuntu Linux Nov 21, 2024 Feb 28, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User in...Show more In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196.Show less
CVE-2019-6978 3Canonical DebianLibgd 3Debian Linux LibgdUbuntu Linux Nov 21, 2024 Jan 28, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
CVE-2019-6455 1Gnu 1Recutils Nov 21, 2024 Jan 16, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c.
CVE-2018-15518 3Debian OpensuseQt 3Debian Linux LeapQt Nov 21, 2024 Dec 26, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
CVE-2018-20450 1Libxls Project 1Libxls Nov 21, 2024 Dec 25, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897.
CVE-2018-1000877 5Canonical DebianFedoraproject+2 more 7Debian Linux Enterprise Linux DesktopEnterprise Linux Server+4 more Nov 21, 2024 Dec 20, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes...Show more libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.Show less
CVE-2018-11987 1Google 1Android Nov 21, 2024 Dec 20, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access c...Show more In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic.Show less
CVE-2018-9553 1Google 1Android Nov 21, 2024 Dec 6, 2018 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. User interaction is n...Show more In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-116615297.Show less
CVE-2018-16841 3Canonical DebianSamba 3Debian Linux SambaUbuntu Linux Nov 21, 2024 Nov 28, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memor...Show more Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process.Show less
CVE-2018-11918 1Google 1Android Nov 21, 2024 Nov 27, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated is automatically released by the kernel if the 'probe' function fails with an error code.
CVE-2018-11823 1Google 1Android Nov 21, 2024 Nov 27, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, freeing device memory in driver probe failure will result in double free issue in power module.
CVE-2018-9415 2Canonical Google 2Android Ubuntu Linux Nov 21, 2024 Nov 6, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interact...Show more In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69129004 References: Upstream kernel.Show less
CVE-2018-9356 1Google 1Android Nov 21, 2024 Nov 6, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...Show more In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74950468.Show less
CVE-2018-18751 3Canonical GnuRedhat 3Enterprise Linux GettextUbuntu Linux Nov 21, 2024 Oct 29, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.

Previous 1...313233...40 Next