Total
619 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28583 | 1 Qualcomm | 60 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 57 more | 2024-11-21 | 6.7 Medium |
| Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. | ||||
| CVE-2023-28464 | 3 Linux, Netapp, Redhat | 7 Linux Kernel, H300s Firmware, H410c Firmware and 4 more | 2024-11-21 | 7.8 High |
| hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation. | ||||
| CVE-2023-27537 | 4 Broadcom, Haxx, Netapp and 1 more | 13 Brocade Fabric Operating System Firmware, Libcurl, Active Iq Unified Manager and 10 more | 2024-11-21 | 5.9 Medium |
| A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free. | ||||
| CVE-2023-25136 | 4 Fedoraproject, Netapp, Openbsd and 1 more | 10 Fedora, 500f, 500f Firmware and 7 more | 2024-11-21 | 6.5 Medium |
| OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." | ||||
| CVE-2023-21629 | 1 Qualcomm | 424 205, 205 Firmware, 215 and 421 more | 2024-11-21 | 6.8 Medium |
| Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. | ||||
| CVE-2023-1449 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.3 Medium |
| A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-1032 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 4.7 Medium |
| The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067. | ||||
| CVE-2022-40683 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.1 High |
| A double free in Fortinet FortiWeb version 7.0.0 through 7.0.3 may allows attacker to execute unauthorized code or commands via specially crafted commands | ||||
| CVE-2022-40522 | 1 Qualcomm | 108 Csr8811, Csr8811 Firmware, Ipq6000 and 105 more | 2024-11-21 | 8.4 High |
| Memory corruption in Linux Networking due to double free while handling a hyp-assign. | ||||
| CVE-2022-40515 | 1 Qualcomm | 318 Apq8009, Apq8009 Firmware, Apq8009w and 315 more | 2024-11-21 | 7.3 High |
| Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. | ||||
| CVE-2022-39170 | 2 Fedoraproject, Libdwarf Project | 2 Fedora, Libdwarf | 2024-11-21 | 8.8 High |
| libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c. | ||||
| CVE-2022-39002 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 9.8 Critical |
| Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice. | ||||
| CVE-2022-36234 | 1 Simplenetwork Project | 1 Simplenetwork | 2024-11-21 | 7.5 High |
| SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets. | ||||
| CVE-2022-34495 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. | ||||
| CVE-2022-34494 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. | ||||
| CVE-2022-33307 | 1 Qualcomm | 220 Aqt1000, Aqt1000 Firmware, Qam8255p and 217 more | 2024-11-21 | 8.4 High |
| Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed. | ||||
| CVE-2022-33231 | 1 Qualcomm | 438 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 435 more | 2024-11-21 | 9.3 Critical |
| Memory corruption due to double free in core while initializing the encryption key. | ||||
| CVE-2022-33227 | 1 Qualcomm | 142 Aqt1000, Aqt1000 Firmware, Csrb31024 and 139 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in Linux android due to double free while calling unregister provider after register call. | ||||
| CVE-2022-33033 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. | ||||
| CVE-2022-32962 | 1 Hinet | 1 Hicos Natural Person Credential Component Client | 2024-11-21 | 6.8 Medium |
| HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service. | ||||