Total
646 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21432 | 1 Qualcomm | 493 Aqt1000, Aqt1000 Firmware, Ar8035 and 490 more | 2025-08-11 | 7.8 High |
| Memory corruption while retrieving the CBOR data from TA. | ||||
| CVE-2024-23809 | 3 Fedoraproject, Libbiosig Project, The Biosig Project | 3 Fedora, Libbiosig, Libbiosig | 2025-08-10 | 9.8 Critical |
| A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .vdhr file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2024-22097 | 3 Fedoraproject, Libbiosig Project, The Biosig Project | 3 Fedora, Libbiosig, Libbiosig | 2025-08-10 | 9.8 Critical |
| A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Project libbiosig Master Branch (ab0ee111) and 2.5.0. A specially crafted .vdhr file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2024-12107 | 1 D3tn | 1 Ud3tn | 2025-08-05 | 7.5 High |
| Double-Free Vulnerability in uD3TN BPv7 Caused by Malformed Endpoint Identifier allows remote attacker to reliably cause DoS | ||||
| CVE-2025-4574 | 1 Redhat | 7 Directory Server, Enterprise Linux, Openshift and 4 more | 2025-08-03 | 6.5 Medium |
| In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption. | ||||
| CVE-2023-5178 | 3 Linux, Netapp, Redhat | 10 Linux Kernel, Active Iq Unified Manager, Solidfire \& Hci Management Node and 7 more | 2025-08-01 | 8.8 High |
| A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. | ||||
| CVE-2014-0502 | 8 Adobe, Apple, Google and 5 more | 15 Adobe Air, Adobe Air Sdk, Flash Player and 12 more | 2025-07-30 | 8.8 High |
| Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014. | ||||
| CVE-2018-4990 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2025-07-30 | 8.8 High |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | ||||
| CVE-2020-9859 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2025-07-30 | 7.8 High |
| A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2021-22600 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2025-07-30 | 6.6 Medium |
| A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 | ||||
| CVE-2025-32988 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-07-25 | 6.5 Medium |
| A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior. | ||||
| CVE-2025-8058 | 1 Gnu | 1 Glibc | 2025-07-25 | 4.2 Medium |
| The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library. | ||||
| CVE-2024-44098 | 1 Google | 2 Android, Pixel | 2025-07-24 | 7.4 High |
| In lwis_device_event_states_clear_locked of lwis_event.c, there is a possible privilege escalation due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-2925 | 1 Hdfgroup | 1 Hdf5 | 2025-07-24 | 3.3 Low |
| A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MM_realloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-33952 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Enterprise Linux For Real Time and 2 more | 2025-07-23 | 6.7 Medium |
| A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel. | ||||
| CVE-2018-1000216 | 1 Davegamble | 1 Cjson | 2025-07-22 | N/A |
| Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could be either local or over a network. This vulnerability appears to have been fixed in 1.7.3. | ||||
| CVE-2025-27051 | 2 Microsoft, Qualcomm | 21 Windows, Fastconnect 6900, Fastconnect 6900 Firmware and 18 more | 2025-07-21 | 7.8 High |
| Memory corruption while processing command message in WLAN Host. | ||||
| CVE-2024-30097 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-07-16 | 8.8 High |
| Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | ||||
| CVE-2024-3187 | 1 Embedthis | 1 Goahead | 2025-07-13 | 5.9 Medium |
| This issue tracks two CWE-416 Use After Free (UAF) and one CWE-415 Double Free vulnerabilities in Goahead versions <= 6.0.0. These are caused by JST values not being nulled when freed during parsing of JST templates. If the ME_GOAHEAD_JAVASCRIPT flag is enabled, a remote attacker with the privileges to modify JavaScript template (JST) files could exploit this by providing malicious templates. This may lead to memory corruption, potentially causing a Denial of Service (DoS) or, in rare cases, code execution, though the latter is highly context-dependent. | ||||
| CVE-2024-56775 | 1 Linux | 1 Linux Kernel | 2025-07-11 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix handling of plane refcount [Why] The mechanism to backup and restore plane states doesn't maintain refcount, which can cause issues if the refcount of the plane changes in between backup and restore operations, such as memory leaks if the refcount was supposed to go down, or double frees / invalid memory accesses if the refcount was supposed to go up. [How] Cache and re-apply current refcount when restoring plane states. | ||||