Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

CVEs (781)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-12858 1Libzip 1Libzip May 13, 2026 Aug 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.
CVE-2017-8265 1Google 1Android May 13, 2026 Aug 18, 2017 N/A· v4 7.0 HIGH· v3 5.1 MEDIUM· v2 In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free.
CVE-2015-5203 4Fedoraproject Jasper ProjectOpensuse+1 more 5Fedora JasperLeap+2 more May 13, 2026 Aug 2, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
CVE-2017-1000072 1Creolabs 1Gravity May 13, 2026 Jul 17, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity_value resulting potentially leading to modification of unexpected memory locations
CVE-2017-11139 2Debian Graphicsmagick 2Debian Linux Graphicsmagick May 13, 2026 Jul 10, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.
CVE-2017-10914 1Xen 1Xen May 13, 2026 Jul 5, 2017 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain...Show more The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.Show less
CVE-2017-7521 1Openvpn 1Openvpn May 13, 2026 Jun 27, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().
CVE-2017-7373 1Google 1Android May 13, 2026 Jun 13, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 In all Android releases from CAF using the Linux kernel, a double free vulnerability exists in a display driver.
CVE-2015-1207 2Debian Google 2Chrome Debian Linux May 13, 2026 Jun 6, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.
CVE-2015-9007 1Google 1Android May 13, 2026 Jun 6, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist.
CVE-2017-9287 5Debian McafeeOpenldap+2 more 10Blockchain Platform Debian LinuxEnterprise Linux Desktop+7 more May 13, 2026 May 29, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with...Show more servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.Show less
CVE-2017-9078 3Debian Dropbear Ssh ProjectNetapp 3Debian Linux Dropbear SshH410c Firmware May 13, 2026 May 19, 2017 N/A· v4 8.8 HIGH· v3 8.5 HIGH· v2 The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.
CVE-2017-8890 2Debian Linux 2Debian Linux Linux Kernel May 13, 2026 May 10, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging...Show more The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.Show less
CVE-2016-1516 2Debian Opencv 2Debian Linux Opencv May 13, 2026 Apr 10, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.
CVE-2017-2425 1Apple 1Mac Os X May 13, 2026 Apr 2, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "SecurityFoundation" component. A double free vulnerability allows remote attackers to execute arbitrary code vi...Show more An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "SecurityFoundation" component. A double free vulnerability allows remote attackers to execute arbitrary code via a crafted certificate.Show less
CVE-2017-7393 1Tigervnc 1Tigervnc May 13, 2026 Apr 1, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.
CVE-2014-9807 1Imagemagick 1Imagemagick May 13, 2026 Mar 30, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
CVE-2017-5506 2Debian Imagemagick 2Debian Linux Imagemagick May 13, 2026 Mar 24, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVE-2017-5334 2Gnu Opensuse 2Gnutls Leap May 13, 2026 Mar 24, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509...Show more Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.Show less
CVE-2015-8894 1Imagemagick 1Imagemagick May 13, 2026 Mar 15, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.

Previous 1...363738 39 40 Next