Total
604 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40103 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In multiple locations, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-3312 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.5 High |
| A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service. | ||||
| CVE-2023-39975 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2024-11-21 | 8.8 High |
| kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. | ||||
| CVE-2023-38434 | 2 Linux, Xhttp Project | 2 Linux Kernel, Xhttp | 2024-11-21 | 7.5 High |
| xHTTP 72f812d has a double free in close_connection in xhttp.c via a malformed HTTP request method. | ||||
| CVE-2023-33952 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Enterprise Linux For Real Time and 2 more | 2024-11-21 | 6.7 Medium |
| A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel. | ||||
| CVE-2023-32824 | 2 Google, Mediatek | 31 Android, Mt6580, Mt6739 and 28 more | 2024-11-21 | 6.7 Medium |
| In rpmb , there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912961. | ||||
| CVE-2023-28583 | 1 Qualcomm | 60 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 57 more | 2024-11-21 | 6.7 Medium |
| Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. | ||||
| CVE-2023-28464 | 3 Linux, Netapp, Redhat | 7 Linux Kernel, H300s Firmware, H410c Firmware and 4 more | 2024-11-21 | 7.8 High |
| hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation. | ||||
| CVE-2023-27537 | 4 Broadcom, Haxx, Netapp and 1 more | 13 Brocade Fabric Operating System Firmware, Libcurl, Active Iq Unified Manager and 10 more | 2024-11-21 | 5.9 Medium |
| A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free. | ||||
| CVE-2023-25136 | 4 Fedoraproject, Netapp, Openbsd and 1 more | 10 Fedora, 500f, 500f Firmware and 7 more | 2024-11-21 | 6.5 Medium |
| OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." | ||||
| CVE-2023-21629 | 1 Qualcomm | 424 205, 205 Firmware, 215 and 421 more | 2024-11-21 | 6.8 Medium |
| Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. | ||||
| CVE-2023-1449 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.3 Medium |
| A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-1032 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 4.7 Medium |
| The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067. | ||||
| CVE-2022-47975 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| The DUBAI module has a double free vulnerability. Successful exploitation of this vulnerability may affect system availability. | ||||
| CVE-2022-42915 | 6 Apple, Fedoraproject, Haxx and 3 more | 14 Macos, Fedora, Curl and 11 more | 2024-11-21 | 8.1 High |
| curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0. | ||||
| CVE-2022-40683 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.1 High |
| A double free in Fortinet FortiWeb version 7.0.0 through 7.0.3 may allows attacker to execute unauthorized code or commands via specially crafted commands | ||||
| CVE-2022-40522 | 1 Qualcomm | 108 Csr8811, Csr8811 Firmware, Ipq6000 and 105 more | 2024-11-21 | 8.4 High |
| Memory corruption in Linux Networking due to double free while handling a hyp-assign. | ||||
| CVE-2022-40515 | 1 Qualcomm | 318 Apq8009, Apq8009 Firmware, Apq8009w and 315 more | 2024-11-21 | 7.3 High |
| Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. | ||||
| CVE-2022-40304 | 4 Apple, Netapp, Redhat and 1 more | 25 Ipados, Iphone Os, Macos and 22 more | 2024-11-21 | 7.8 High |
| An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. | ||||
| CVE-2022-3806 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 9.8 Critical |
| Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer. | ||||