CWE-415
Double Free
Description
The product calls free() twice on the same memory address.
Hierarchy (View 1000)
CVEs mapped to this weakness (275)
page 11 of 14| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-23868 | Med | 0.33 | 5.1 | 0.00 | Mar 10, 2026 | Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible. | ||
| CVE-2026-5657 | Med | 0.29 | 5.5 | 0.00 | Apr 30, 2026 | iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||
| CVE-2015-8894 | Med | 0.29 | 5.5 | 0.01 | Mar 15, 2017 | Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file. | ||
| CVE-2016-8619 | Med | 0.28 | 5.3 | 0.05 | Aug 1, 2018 | The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free. | ||
| CVE-2016-8618 | Med | 0.28 | 5.3 | 0.05 | Jul 31, 2018 | The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables. | ||
| CVE-2026-33995 | Med | 0.27 | 5.3 | 0.00 | Mar 30, 2026 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberos_AcceptSecurityContext() and kerberos_InitializeSecurityContextA() (WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c) can cause a crash in any FreeRDP… | ||
| CVE-2026-35188 | Med | 0.26 | 5.0 | 0.00 | Jun 9, 2026 | Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the status_request extension, triggering a double-free in the client's certificate verification path. Impact summary: Successful exploitation allows an attacker to corrupt… | ||
| CVE-2026-48850 | Low | 0.24 | 3.7 | 0.00 | May 25, 2026 | PuTTY 0.72 before 0.84 has a double free in RSA KEX. | ||
| CVE-2026-32848 | Med | 0.24 | 4.7 | 0.00 | May 18, 2026 | NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodev_op() within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems.… | ||
| CVE-2025-2925 | Low | 0.21 | 3.3 | 0.00 | Mar 28, 2025 | A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MM_realloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has… | ||
| CVE-2026-45324 | Low | 0.14 | 3.3 | 0.00 | May 29, 2026 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe. | ||
| CVE-2025-13566 | Low | 0.14 | 3.3 | 0.00 | Nov 23, 2025 | A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function show_content_in_floating_window/run_cmd_as_plugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be approached locally. The identifier of… | ||
| CVE-2026-44348 | Low | 0.09 | 2.5 | 0.00 | May 14, 2026 | PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in compute_hash_to_sign() in src/podofo/private/OpenSSLInternal_Ripped.cpp. If EVP_DigestFinal fails after buf has already been freed, the Error label frees buf a second… | ||
| CVE-2003-0015 | 0.05 | — | 0.24 | Feb 7, 2003 | Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. | |||
| CVE-2014-1767 | 0.04 | — | 0.13 | Jul 8, 2014 | Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows… | |||
| CVE-2015-0058 | 0.03 | — | 0.03 | Feb 11, 2015 | Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerability." | |||
| CVE-2015-0312 | 0.01 | — | 0.07 | Jan 28, 2015 | Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2014-0301 | 0.01 | — | 0.14 | Mar 12, 2014 | Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute… | |||
| CVE-2010-4494 | 0.01 | — | 0.08 | Dec 7, 2010 | Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | |||
| CVE-2007-1216 | 0.01 | — | 0.10 | Apr 6, 2007 | Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to… |
- risk 0.33cvss 5.1epss 0.00
Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.
- risk 0.29cvss 5.5epss 0.00
iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
- risk 0.29cvss 5.5epss 0.01
Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
- risk 0.28cvss 5.3epss 0.05
The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free.
- risk 0.28cvss 5.3epss 0.05
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.
- risk 0.27cvss 5.3epss 0.00
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberos_AcceptSecurityContext() and kerberos_InitializeSecurityContextA() (WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c) can cause a crash in any FreeRDP…
- risk 0.26cvss 5.0epss 0.00
Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the status_request extension, triggering a double-free in the client's certificate verification path. Impact summary: Successful exploitation allows an attacker to corrupt…
- risk 0.24cvss 3.7epss 0.00
PuTTY 0.72 before 0.84 has a double free in RSA KEX.
- risk 0.24cvss 4.7epss 0.00
NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodev_op() within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems.…
- risk 0.21cvss 3.3epss 0.00
A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MM_realloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has…
- risk 0.14cvss 3.3epss 0.00
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe.
- risk 0.14cvss 3.3epss 0.00
A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function show_content_in_floating_window/run_cmd_as_plugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be approached locally. The identifier of…
- risk 0.09cvss 2.5epss 0.00
PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in compute_hash_to_sign() in src/podofo/private/OpenSSLInternal_Ripped.cpp. If EVP_DigestFinal fails after buf has already been freed, the Error label frees buf a second…
- CVE-2003-0015Feb 7, 2003risk 0.05cvss —epss 0.24
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.
- CVE-2014-1767Jul 8, 2014risk 0.04cvss —epss 0.13
Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows…
- CVE-2015-0058Feb 11, 2015risk 0.03cvss —epss 0.03
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerability."
- CVE-2015-0312Jan 28, 2015risk 0.01cvss —epss 0.07
Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.
- CVE-2014-0301Mar 12, 2014risk 0.01cvss —epss 0.14
Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute…
- CVE-2010-4494Dec 7, 2010risk 0.01cvss —epss 0.08
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
- CVE-2007-1216Apr 6, 2007risk 0.01cvss —epss 0.10
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to…