VYPR

CWE-415

Double Free

VariantDraftLikelihood: High

Description

The product calls free() twice on the same memory address.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (275)

page 3 of 14
  • CVE-2026-12043HigJun 12, 2026
    risk 0.57cvss 8.8epss 0.00

    Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted…

  • CVE-2026-43011CriMay 1, 2026
    risk 0.57cvss 9.8epss 0.01

    In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at line 48 and returns 1 (error). This error propagates back through the call chain: …

  • CVE-2026-31609CriApr 24, 2026
    risk 0.57cvss 9.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() smbd_send_batch_flush() already calls smbd_free_send_io(), so we should not call it again after smbd_post_send() moved it to…

  • CVE-2026-31608CriApr 24, 2026
    risk 0.57cvss 9.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() smb_direct_flush_send_list() already calls smb_direct_free_sendmsg(), so we should not call it again after…

  • CVE-2026-23098HigFeb 4, 2026
    risk 0.57cvss 8.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nr_route_frame() In nr_route_frame(), old_skb is immediately freed without checking if nr_neigh->ax25 pointer is NULL. Therefore, if nr_neigh->ax25 is NULL, the caller function will…

  • CVE-2018-11982HigSep 20, 2018
    risk 0.57cvss 8.8epss 0.00

    In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835,…

  • CVE-2018-17097HigSep 16, 2018
    risk 0.57cvss 8.8epss 0.03

    The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch.

  • CVE-2018-1000216HigAug 20, 2018
    risk 0.57cvss 8.8epss 0.01

    Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library…

  • CVE-2018-14054CriJul 13, 2018
    risk 0.57cvss 9.8epss 0.03

    A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered.

  • CVE-2018-11416HigMay 24, 2018
    risk 0.57cvss 8.8epss 0.02

    jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() and free(), which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2018-3845HigApr 26, 2018
    risk 0.57cvss 8.8epss 0.03

    In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.

  • CVE-2017-7393HigApr 1, 2017
    risk 0.57cvss 8.8epss 0.02

    In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.

  • CVE-2025-20134HigAug 14, 2025
    risk 0.56cvss 8.6epss 0.00

    A vulnerability in the certificate processing of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a…

  • CVE-2017-6074HigFeb 18, 2017
    risk 0.54cvss 7.8epss 0.06

    The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application…

  • CVE-2024-3446HigApr 9, 2024
    risk 0.53cvss 8.2epss 0.00

    A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU…

  • CVE-2017-10914HigJul 5, 2017
    risk 0.53cvss 8.1epss 0.02

    The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.

  • CVE-2016-8360HigFeb 13, 2017
    risk 0.53cvss 8.1epss 0.02

    An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a denial of service or the…

  • CVE-2003-1048HigJul 27, 2004
    risk 0.53cvss 7.8epss 0.27

    Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

  • CVE-2018-5379HigFeb 19, 2018
    risk 0.52cvss 7.5epss 0.39

    The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute…

  • CVE-2026-33838HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.