Medium
CVSS: 6.2
A double free vulnerability exists in librz/bin/format/le/le.c in the function le_load_fixup_record(). When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially…
Medium
CVSS: 5.3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberos_AcceptSecurityContext() and kerberos_InitializeSecurityContextA() (WinPR, winpr/libwinpr/sspi/Kerberos/kerbero…
Medium
CVSS: 6.1
A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution (SBE) engine when an in-memory hash table is spilled to dis…
Medium
CVSS: 5.1
Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.
High
CVSS: 7.5
GNU Binutils through 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocati…
Medium
CVSS: 5.1
Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect availability.
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix bsg_done() causing double free
Kernel panic observed on system,
[5353358.825191] BUG: unable to handle page fault for address: ff5f5e897b024000
[53533…
Medium
CVSS: 5.0
libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.
Low
CVSS: 3.3
A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file. The issue occurs in the dnn_execute_model_tf() function, where a task object is freed multiple times in certain error-handling paths. This…
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/nvm: Fix double-free on aux add failure
After a successful auxiliary_device_init(), aux_dev->dev.release
(xe_nvm_release_dev()) is responsible for the kfree(nvm).…
Medium
CVSS: 5.9
MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function accepts a caller-owned fz_pixmap pointer but incorrectly dro…
High
CVSS: 8.8
In the Linux kernel, the following vulnerability has been resolved:
netrom: fix double-free in nr_route_frame()
In nr_route_frame(), old_skb is immediately freed without checking if
nr_neigh->ax25 pointer is NULL. Therefore, if nr_neigh->…
High
CVSS: 7.8
In the Linux kernel, the following vulnerability has been resolved:
spi: spi-sprd-adi: Fix double free in probe error path
The driver currently uses spi_alloc_host() to allocate the controller
but registers it using devm_spi_register_cont…
Medium
CVSS: 5.5
In imgsys, there is a possible memory corruption due to improper locking. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID:…
Medium
CVSS: 6.5
A Double Free in XSLT `show_index` has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution.
High
CVSS: 8.7
A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX and MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On all SRX and MX Series platforms, wh…
High
CVSS: 8.4
CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody.
High
CVSS: 7.8
Double free vulnerability in the multi-mode input module.
Impact: Successful exploitation of this vulnerability may affect the input function.
High
CVSS: 7.0
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
High
CVSS: 7.8
Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability